Sep 23, 2014 - 3:55 p.m.

Immunity Canvas: ESET_EPFWNDIS

2014-09-23 15:55:00
Immunity Canvas
exploitlist.immunityinc.com

EPSS: 0
Percentile: 5.1%

Name: ESET_EpFwNDIS
CVE: CVE-2014-4973
Exploit Pack:
Notes:
This module exploits a vulnerability in the ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver.
Firewall Module Build 1183 (20140214) and earlier, in ESET Smart Security and ESET Endpoint Security
products 5.0 through 7.0, are vulnerable.
While processing the input buffer of IOCTL 0x830020CC, the driver trusts a value taken from that buffer.
The correct value can be obtained through another IOCTL that has an information leak. Once the correct
value is known, a NULL page dereference can be achieved.

References:
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973/

Tested on:
Windows XP Professional SP3 x86 (ESET Smart Security 7.0.302.0)

VENDOR: ESET
CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4973
CVE Name: CVE-2014-4973
