exploitDog

CVE-2007-5042

Опубликовано: 24 сент. 2007

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:agnitum:outpost_firewall:4.0.1025.7828:*:*:*:*:*:*:*

EPSS

Процентиль: 22%

0.0007

Низкий

4.6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-fpw6-4rcx-6349

github

почти 4 года назад

Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160.

EPSS

Процентиль: 22%

0.0007

Низкий

4.6 Medium

CVSS2

Дефекты

CWE-264