Lucene search

[email protected]CVE-2007-4971

HistorySep 19, 2007 - 1:17 a.m.

CVE-2007-4971

2007-09-1901:17:00

CWE-20

[email protected]

web.nvd.nist.gov

prosecurity

vulnerability

ssdt

ntcreatekey

ntdeletefile

ntloaddriver

ntopensection

ntsetsystemtime

windows native api

nvd

cve-2007-4971

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

ProSecurity 1.40 Beta 2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for Windows Native API functions including (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenSection, and (5) NtSetSystemTime.

Affected configurations

NVD

Node

isecsoftprosecurityMatch1.40_beta_2

CPENameOperatorVersion
isecsoft:prosecurityisecsoft prosecurityeq1.40_beta_2

CPE	Name	Operator	Version
isecsoft:prosecurity	isecsoft prosecurity	eq	1.40_beta_2

References

osvdb.org/45956

www.matousec.com/info/advisories/plague-in-security-software-drivers.php

www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php

www.securityfocus.com/archive/1/479830/100/0/threaded

www.securityfocus.com/bid/25718

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-4971

prion1 cvelist1 nvd1