Lucene search

K
cve[email protected]CVE-2005-0964
HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0964

2005-05-0204:00:00
web.nvd.nist.gov
22
cve-2005-0964
kerio personal firewall
vulnerability
bypass
firewall rules
local users
malicious process

6.6 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions.

Affected configurations

NVD
Node
keriopersonal_firewallMatch4.0.6
OR
keriopersonal_firewallMatch4.0.7
OR
keriopersonal_firewallMatch4.0.8
OR
keriopersonal_firewallMatch4.0.9
OR
keriopersonal_firewallMatch4.0.10
OR
keriopersonal_firewallMatch4.0.16
OR
keriopersonal_firewallMatch4.1
OR
keriopersonal_firewallMatch4.1.1
OR
keriopersonal_firewallMatch4.1.2

6.6 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

Related for CVE-2005-0964