Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0376 — Microsoft Windows NT vulnerability

4 documents4 sources
Severity
4.6MEDIUMNVD
EPSS
0.5%
top 35.38%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Windows NT
Timeline
PublishedFeb 20
Latest updateApr 30

Description

Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

â–¶NVDmicrosoft/windows_nt3.5.1, 4.0+1

🔴Vulnerability Details

2
GHSA
GHSA-m2f4-5w48-qvv5: Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs↗2022-04-30
â–¶
CVEList
CVE-1999-0376: Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs↗1999-09-29
â–¶

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows NT 4.0 SP4 - Known DLL Cache↗1999-02-18
â–¶
CVE-1999-0376 — Microsoft Windows NT vulnerability | cvebase