exploitDog

CVE-2007-5039

Опубликовано: 24 сент. 2007

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

Ghost Security Suite beta 1.110 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteValueKey, (3) NtQueryValueKey, (4) NtSetSystemInformation, and (5) NtSetValueKey kernel SSDT hooks.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ghostsecurity:ghost_security_suite:1.110_beta:*:*:*:*:*:*:*

EPSS

Процентиль: 36%

0.0015

Низкий

2.1 Low

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-pqfc-g3ww-mmvr

github

почти 4 года назад

Ghost Security Suite beta 1.110 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteValueKey, (3) NtQueryValueKey, (4) NtSetSystemInformation, and (5) NtSetValueKey kernel SSDT hooks.

EPSS

Процентиль: 36%

0.0015

Низкий

2.1 Low

CVSS2

Дефекты

CWE-20