CVE

Id
28399  
CVE No.
CVE-2007-5042  
Status
Candidate  
Description
Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160.  
Phase
Assigned (20070923)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
295123 28399 CVE-2007-5042 BUGTRAQ:20070918 Plague in (security) software drivers & BSDOhook utility  View
295124 28399 CVE-2007-5042 URL:http://www.securityfocus.com/archive/1/archive/1/479830/100/0/threaded  View
295125 28399 CVE-2007-5042 MISC:http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php  View
295126 28399 CVE-2007-5042 MISC:http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php  View
295127 28399 CVE-2007-5042 OSVDB:45899  View
295128 28399 CVE-2007-5042 URL:http://osvdb.org/45899  View
295129 28399 CVE-2007-5042 SREASON:3161  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
57444 JVNDB-2007-006136 ZoneAlarm におけるサービス運用妨害 (DoS) の脆弱性 ZoneAlarm は、System Service Descriptor Table (SSDT) 関数ハンドラへの特定パラメータを適切に検証しないため、サービス運用妨害 (クラッシュ) 状態となる脆弱性が存在します。 CVE-2007-5044 28399 6.9 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-006136.html  View