Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0382 — Microsoft Windows NT vulnerability

4 documents4 sources

Severity

7.2HIGHNVD

EPSS

3.1%

top 13.18%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Windows NT

Timeline

PublishedMar 12

Latest updateApr 30

Description

The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/windows_nt3.5.1, 4.0+1

🔴Vulnerability Details

GHSA

GHSA-9h86-j86m-7fx3: The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated p↗2022-04-30

▶

CVEList

CVE-1999-0382: The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated p↗1999-09-29

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4 / NT 3.5.1/SP1/SP2/SP3/SP4/SP5 - Screensaver↗1999-03-10

▶