Arbitrary File Overwrite Vulnerability in Integrity Protection Driver (IPD)

Arbitrary File Overwrite Vulnerability in Integrity Protection Driver (IPD)

CVE-2003-1246 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command.

Learn more about our User Device Pen Test.