CVE

Id
28401  
CVE No.
CVE-2007-5044  
Status
Candidate  
Description
ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreatePort and (2) NtDeleteFile kernel SSDT hooks, a partial regression of CVE-2007-2083.  
Phase
Assigned (20070923)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
295135 28401 CVE-2007-5044 BUGTRAQ:20070918 Plague in (security) software drivers & BSDOhook utility  View
295136 28401 CVE-2007-5044 URL:http://www.securityfocus.com/archive/1/archive/1/479830/100/0/threaded  View
295137 28401 CVE-2007-5044 MISC:http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php  View
295138 28401 CVE-2007-5044 MISC:http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php  View
295139 28401 CVE-2007-5044 OSVDB:45898  View
295140 28401 CVE-2007-5044 URL:http://osvdb.org/45898  View
295141 28401 CVE-2007-5044 SREASON:3161  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
55735 JVNDB-2007-004427 IceWarp の Merak Mail Server 用の Webmail インターフェースにおけるクロスサイトスクリプティングの脆弱性 IceWarp Merak Mail Server 用の Webmail インターフェースには、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2007-5046 28401 4.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-004427.html  View