Описание
CORE FORCE before 0.95.172 does not properly validate arguments to SSDT hook handler functions in the Registry module, which allows local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments.
Ссылки
- Patch
- ExploitPatch
- Patch
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1Версия до 0.95.167 (включая)
cpe:2.3:a:core_security_technologies:core_force:*:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00068
Низкий
7.2 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
CORE FORCE before 0.95.172 does not properly validate arguments to SSDT hook handler functions in the Registry module, which allows local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments.
EPSS
Процентиль: 21%
0.00068
Низкий
7.2 High
CVSS2
Дефекты
CWE-119