CVE-1999-0382

Windows NT - Privilege Escalation via Screen Saver Security Context

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0382. PoCs published by Cybermedia Software Private Limited.

AI-analyzed exploit summary This is a detailed technical writeup describing a privilege escalation vulnerability in Windows screensaver execution via Winlogon.exe. The exploit leverages a failure in token assignment to execute arbitrary code with SYSTEM privileges.

Description

The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Cybermedia Software Private Limited · textlocalwindows
https://www.exploit-db.com/exploits/19359

This is a detailed technical writeup describing a privilege escalation vulnerability in Windows screensaver execution via Winlogon.exe. The exploit leverages a failure in token assignment to execute arbitrary code with SYSTEM privileges.

Classification
Writeup 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Theoretical
Target: Microsoft Windows (versions affected by CVE-1999-0382)
Auth required
Prerequisites: Local user access · Ability to set custom screensaver
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

EPSS 0.0314
EPSS Percentile 86.3%

Details

Status published
Products (2)
microsoft/windows_nt 3.5.1 sp1 (5 CPE variants)
microsoft/windows_nt 4.0 (5 CPE variants)
Published Mar 12, 1999
Tracked Since Feb 18, 2026