CVE Vulnerabilities

CVE-2003-1233

Published: Dec 31, 2003 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to (1) DevicePhysicalMemory or (2) to a drive letter using the subst command.

Affected Software

Name Vendor Start Version End Version
Integrity_protection_driver Pedestal_software 1.2 1.2
Integrity_protection_driver Pedestal_software 1.3 1.3

References