exploitDog

CVE-2007-4971

Опубликовано: 19 сент. 2007

Источник: nvd

CVSS2: 4.4

EPSS Низкий

Описание

ProSecurity 1.40 Beta 2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for Windows Native API functions including (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenSection, and (5) NtSetSystemTime.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:isecsoft:prosecurity:1.40_beta_2:*:*:*:*:*:*:*

EPSS

Процентиль: 22%

0.0007

Низкий

4.4 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-cf99-wv64-5f46

github

почти 4 года назад

ProSecurity 1.40 Beta 2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for Windows Native API functions including (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenSection, and (5) NtSetSystemTime.

EPSS

Процентиль: 22%

0.0007

Низкий

4.4 Medium

CVSS2

Дефекты

CWE-20