Описание
Privatefirewall 5.0.14.2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for (1) NtOpenProcess and (2) NtOpenThread.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:privacyware:privatefirewall:5.0.14.2:*:*:*:*:*:*:*
EPSS
Процентиль: 22%
0.0007
Низкий
4.4 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
Privatefirewall 5.0.14.2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for (1) NtOpenProcess and (2) NtOpenThread.
EPSS
Процентиль: 22%
0.0007
Низкий
4.4 Medium
CVSS2
Дефекты
CWE-20