exploitDog

CVE-1999-1431

Опубликовано: 07 янв. 2005

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe.

Ссылки

http://marc.info/?l=ntbugtraq&m=91576100022688&w=2
http://marc.info/?l=ntbugtraq&m=91606260910008&w=2
http://www.securityfocus.com/bid/181
Exploit
Vendor Advisory
http://marc.info/?l=ntbugtraq&m=91576100022688&w=2
http://marc.info/?l=ntbugtraq&m=91606260910008&w=2
http://www.securityfocus.com/bid/181
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:zero_administration_kit:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02793

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-q7hj-hx26-wwww

github

около 3 лет назад

ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe.

EPSS

Процентиль: 85%

0.02793

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other