Lucene search

[email protected]CVE-2007-1194

HistoryMar 02, 2007 - 9:18 p.m.

CVE-2007-1194

2007-03-0221:18:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2007-1194

norman sandbox analyzer

idt range

vulnerability

nvd

security

information security

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT) entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows attackers to produce malware that is more difficult to analyze.

Affected configurations

NVD

Node

normannorman_sandbox_analyzer

CPENameOperatorVersion
norman:norman_sandbox_analyzernorman norman sandbox analyzereq*

CPE	Name	Operator	Version
norman:norman_sandbox_analyzer	norman norman sandbox analyzer	eq	*

References

osvdb.org/34955

www.ntsecurity.nu/onmymind/2007/2007-02-27.html

www.securityfocus.com/archive/1/461555/100/0/threaded

www.securityfocus.com/archive/1/461804/100/100/threaded

www.securityfocus.com/archive/1/461805/100/100/threaded

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-1194

cvelist1 securityvulns1 prion1 nvd1