CVE-1999-1365 - Hard handed Hierarchies


Windows NT searches a user’s home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE EXPLORER.EXE USERINIT.EXE or TASKMGR.EXE which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory which is writable by default.