CVE-1999-0700
Microsoft Windows 2000 and NT - Buffer Overflow in Phone Dialer via Malformed dialer.ini Entry
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-1999-0700. PoCs published by David Litchfield.
AI-analyzed exploit summary: This exploit demonstrates a buffer overflow in Dialer.exe by crafting a malicious dialer.ini file. The payload overwrites the return address to execute arbitrary code via WinExec(), launching a batch file (code.bat) with system privileges.
Description
Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by David Litchfield · c · local · windows
https://www.exploit-db.com/exploits/19440
Classification
Working PoC 95%
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target:
Microsoft Dialer.exe (Windows NT 4.0 SP4)
No auth needed
Prerequisites:
Write access to %systemroot% directory · Victim must execute Dialer.exe
devstral-2 · analyzed Feb 18, 2026
References (2)
Core References
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-026
Vendor Advisory vendor-advisory
x_refsource_mskb
http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ237185
Scores
EPSS
0.0289
EPSS Percentile
85.1%
Details
CWE
CWE-119
Status
published
Products (3)
microsoft/windows_2000
microsoft/windows_nt
microsoft/windows_nt 4.0 (6 CPE variants)
Published
Jul 29, 1999
Tracked Since
Feb 18, 2026