Lucene search

[email protected]NVD:CVE-2014-4974

HistoryNov 04, 2014 - 4:55 p.m.

CVE-2014-4974

2014-11-0416:55:06

CWE-200

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory via crafted IOCTL calls.

Affected configurations

NVD

Node

esetpersonal_firewall_ndis_filterRange≤1183_\(20140214\)

References

packetstormsecurity.com/files/128874/ESET-7.0-Kernel-Memory-Leak.html

seclists.org/fulldisclosure/2014/Oct/118

www.securityfocus.com/bid/70770

exchange.xforce.ibmcloud.com/vulnerabilities/98312

www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4974/

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2014-4974

cvelist1 cve1 prion1