NVD

Id
57130  
Name
CVE-2007-5042  
Description
Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160.  
Reject
 
CVSS Version
2  
CVSS Score
4.6  
Severity
Medium  
CVSS Base Score
4.6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2007-09-23  
Modified Date
2008-11-15  
Seq
2007-5042  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
291713 57130 CVE-2007-5042 3161  View
291714 57130 CVE-2007-5042 http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php  View
291715 57130 CVE-2007-5042 http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php  View
291716 57130 CVE-2007-5042 20070918 Plague in (security) software drivers & BSDOhook utility  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
53982 JVNDB-2007-002674 Outpost Firewall Pro におけるサービス運用妨害 (DoS) の脆弱性 Outpost Firewall Pro は、System Service Descriptor Table (SSDT) 関数ハンドラへの特定のパラメータを適切に検証しないため、サービス運用妨害 (クラッシュ) 状態となり、権限を取得される脆弱性が存在します。 CVE-2007-5042 28397 CVE-2007-5042 57130 4.6 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002674.html 2007-09-23 2012-06-26 View