CVE-2003-1246

NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver IPD 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command...

CVE-2006-3074

KVE-2006-3074 affects Kaspersky Internet Security 6.0/7.0 and KAV 6.0/7.0 (Windows Workstations/Servers). The vulnerability arises from insufficient validation of parameters to hooked system calls (NtCreateKey, NtCreateProcess, NtCreateProcessEx, NtCreateSection, NtCreateSymbolicLinkObject, NtCre...

CVE-2003-1246

CVE-2003-1246 affects the Integrity Protection Driver (IPD) versions 1.2 and 1.3. The vulnerability is in NtCreateSymbolicLinkObject within ntdll.dll, allowing a local attacker to create and overwrite arbitrary files under boot/system path via a symlink attack on \winnt\system32\drivers using the...

CVE-2003-1233

Pedestal Software Integrity Protection Driver IPD 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to 1 \Device\PhysicalMemory or 2 to a drive letter...

Integrity Protection Driver protection bypass

Drivers protection may be bypassed via subst link to drivers directory or NtCreateSymbolicLinkObject API...