CVE-1999-1431

CVE Database · CVE-1999-1431

CVE-1999-1431

· N/AModified

CVSS v3.1

N/A

EPSS

9.65%

Published

Jan 7, 2005

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

Exploit-DBMicrosoft Zero Administration Kit (ZAK) 1.0 / Office97 - Backdoor Access

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe.

Affected Products (1)

microsoft · zero_administration_kitvulnerable

References (6)

http://marc.info/?l=ntbugtraq&m=91576100022688&w=2

http://marc.info/?l=ntbugtraq&m=91606260910008&w=2

http://www.securityfocus.com/bid/181

ExploitVendor Advisory

http://marc.info/?l=ntbugtraq&m=91576100022688&w=2

http://marc.info/?l=ntbugtraq&m=91606260910008&w=2

http://www.securityfocus.com/bid/181

ExploitVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs