exploitDog

CVE-2008-2926

Опубликовано: 12 авг. 2008

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*

cpe:2.3:a:ca:host_based_intrusion_prevention_system:r8:*:*:*:*:*:*:*

cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*

cpe:2.3:a:ca:personal_firewall_2007:*:*:*:*:*:*:*:*

cpe:2.3:a:ca:personal_firewall_2008:*:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00057

Низкий

7.2 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-6cmr-6f4q-j55j

github

почти 4 года назад

The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.

EPSS

Процентиль: 18%

0.00057

Низкий

7.2 High

CVSS2

Дефекты

CWE-20