CVE-2003-1233
CRITICALPedestal Software Integrity Protection Driver < 1.3 - Privileged File Access Restriction Bypass via Symbolic Link
Title source: llmDescription
Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to (1) \Device\PhysicalMemory or (2) to a drive letter using the subst command.
References (6)
Core 6
Core References
Broken Link, Patch mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2003-01/0017.html
Broken Link, Exploit, Patch mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2003-01/0018.html
Broken Link, Patch, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6511
Broken Link x_refsource_misc
http://www.phrack.org/show.php?p=59&a=16
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/10979
Broken Link, Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/7816
Scores
CVSS v3
9.8
EPSS
0.0163
EPSS Percentile
73.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-59
Status
published
Products (1)
pedestalsoftware/integrity_protection_driver
< 1.3
Published
Dec 31, 2003
Tracked Since
Feb 18, 2026