CVE-1999-1217

CVSS 2.0 Score 4.6 of 10 (medium)

Details

Published Jul 25, 1997
Updated: Oct 10, 2017

Summary

CVE-1999-1217 is a vulnerability affecting Windows NT systems. This issue stems from the inclusion of the current working directory (.) in the PATH environment variable. Malicious users can exploit this by placing Trojan horse programs with names identical to those of common system programs in specific directories, potentially allowing them to elevate their privileges. This vulnerability poses a significant risk, especially in environments where users have local access to the system. It is crucial for system administrators to keep their systems updated and take measures to prevent unauthorized software installation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Microsoft Windows NT

Affected Vendors

  • Microsoft