Lucene search

[email protected]CVE-2007-5040

HistorySep 24, 2007 - 12:17 a.m.

CVE-2007-5040

2007-09-2400:17:00

CWE-20

CWE-264

[email protected]

web.nvd.nist.gov

cve-2007-5040

ghost security suite

ssdt

vulnerability

ntcreatekey

ntcreatethread

ntdeletevaluekey

ntqueryvaluekey

ntsetsysteminformation

ntsetvaluekey

kernel

denial of service

privilege escalation

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Ghost Security Suite alpha 1.200 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtCreateThread, (3) NtDeleteValueKey, (4) NtQueryValueKey, (5) NtSetSystemInformation, and (6) NtSetValueKey kernel SSDT hooks.

Affected configurations

NVD

Node

ghostsecurityghost_security_suiteMatchalpha_1.200

CPENameOperatorVersion
ghostsecurity:ghost_security_suiteghostsecurity ghost security suiteeqalpha_1.200

CPE	Name	Operator	Version
ghostsecurity:ghost_security_suite	ghostsecurity ghost security suite	eq	alpha_1.200

References

securityreason.com/securityalert/3161

www.matousec.com/info/advisories/plague-in-security-software-drivers.php

www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php

www.securityfocus.com/archive/1/479830/100/0/threaded

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-5040

prion1 cvelist1 nvd1