Lucene search
HistoryDec 26, 2008 - 5:30 p.m.
CVE-2008-5724
eset smart security
epfw.sys
privilege escalation
cve-2008-5724
nvd
6.5 Medium
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ESET Smart Security 3.0.672 and earlier allows local users to gain privileges via a crafted IRP in a certain METHOD_NEITHER IOCTL request to \Device\Epfw that overwrites portions of memory.
Affected configurations
Node
esetsmart_securityRange≤3.0.672
OResetsmart_securityMatch3.0.551
OResetsmart_securityMatch3.0.560
OResetsmart_securityMatch3.0.563
OResetsmart_securityMatch3.0.621
OResetsmart_securityMatch3.0.642
OResetsmart_securityMatch3.0.650
OResetsmart_securityMatch3.0.657
OResetsmart_securityMatch3.0.667
OResetsmart_securityMatch3.0.669
Related
nessus
nessus
NOD32 3.0/ESET Smart Security < 3.0.684 Local Privilege Escalation
2009-01-02 00:00:00
nvd
nvd
CVE-2008-5724
2008-12-26 17:30:00
cvelist
cvelist
CVE-2008-5724
2008-12-26 17:08:00
prion
prion
Cross site request forgery (csrf)
2008-12-26 17:30:00
6.5 Medium
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
Related for CVE-2008-5724