Lucene search
MitreCVE-2007-5041HistorySep 24, 2007 - 12:17 a.m.
CVE-2007-5041
2007-09-2400:17:00
CWE-20
mitre
web.nvd.nist.gov
28
g data
internetsecurity
2007
validation
vulnerability
ssdt
ntcreatekey
ntopenprocess
denial of service
privilege escalation
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.5
Confidence
High
EPSS
0
Percentile
5.1%
G DATA InternetSecurity 2007 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey and (2) NtOpenProcess kernel SSDT hooks.
Affected configurations
Node
gdatainternetsecurity_2007
| Vendor | Product | Version | CPE |
|---|---|---|---|
| gdata | internetsecurity_2007 | * | cpe:2.3:a:gdata:internetsecurity_2007:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2007-5041
2007-09-24 00:00:00
nvd
nvd
CVE-2007-5041
2007-09-24 00:17:00
prion
prion
Design/Logic Flaw
2007-09-24 00:17:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.5
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2007-5041