Avira Premium Security Suite NtCreateKey Race Condition Vulnerability

No description provided by source. 1.Description: The avipbb.sys kernel driver distributed with Avira Premium Security Suite contains a race condition vulnerability in the handling paramaters of NtCreatekey function. Exploitation of this issue allows an attacker to crash systemmake infamous BSoD ...

Avira Premium Security Suite - NtCreateKey Race Condition

Avira Premium Security Suite - NtCreateKey Race Condition 1.Description: The avipbb.sys kernel driver distributed with Avira Premium Security Suite contains a race condition vulnerability in the handling paramaters of NtCreatekey function. Exploitation of this issue allows an attacker to crash...

Avira Premium Security Suite - 'NtCreateKey' Race Condition

1.Description: The avipbb.sys kernel driver distributed with Avira Premium Security Suite contains a race condition vulnerability in the handling paramaters of NtCreatekey function. Exploitation of this issue allows an attacker to crash systemmake infamous BSoD or gain escalated priviligies. An...

Sophos Anti-Virus SSDT钩子本地拒绝服务漏洞

BUGTRAQ ID: 28743 CVECAN ID: CVE-2008-1737 Sophos Anti-Virus是一款适用于多种操作系统的杀毒软件。 Sophos杀毒软件的NtCreateKey函数没有正确地验证参数，本地攻击者可能利用此漏洞导致程序不可用。 相关的代码如下： /----------- int cdecl NtCreateKeyHookPHANDLE pKeyHandle, ACCESSMASK DesiredAccess, POBJECTATTRIBUTES ObjectAttributes, ULONG TitleIndex,PUNICODESTRING...

Design/Logic Flaw

Ghost Security Suite alpha 1.200 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via the 1 NtCreateKey, 2 NtCreateThread, 3 NtDeleteValueKey, 4...

Design/Logic Flaw

G DATA InternetSecurity 2007 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via the 1 NtCreateKey and 2 NtOpenProcess kernel SSDT hooks...

CVE-2007-5040

CVE-2007-5040 affects Ghost Security Suite alpha 1.200. The issue is improper validation of certain parameters to System Service Descriptor Table (SSDT) function handlers, leading to denial of service (crash) and potential privilege elevation via kernel SSDT hooks. Affected kernel interfaces incl...

CVE-2007-5041

CVE-2007-5041 : G DATA InternetSecurity 2007 reportedly does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, enabling local users to trigger a crash (DoS) and potentially gain privileges via the (1) NtCreateKey and (2) NtOpenProcess kernel SSD...

CVE-2007-4967

Online Armor Personal Firewall 2.0.1.215 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API...

CVE-2007-4972

RegMon 7.04 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via kernel SSDT hooks to the 1 NtCreateKey and 2 NtOpenKey Windows Native API functions...

Authentication flaw

RegMon 7.04 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via kernel SSDT hooks to the 1 NtCreateKey and 2 NtOpenKey Windows Native API functions...

CVE-2007-4971

ProSecurity 1.40 Beta 2 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via kernel SSDT hooks for Windows Native API functions including 1 NtCreateKey,...

CVE-2007-4969

CVE-2007-4969 affects Process Monitor 1.22. The vulnerability stems from improper validation of parameters to System Service Descriptor Table (SSDT) function handlers, enabling local users to crash the system and potentially gain privileges via unspecified kernel SSDT hooks for Windows Native API...

CVE-2007-4970

ProcessGuard 3.410 is vulnerable due to improper validation of parameters passed to System Service Descriptor Table (SSDT) function handlers. The issue enables local users to trigger a denial of service (crash) and potentially gain privileges by abusing kernel SSDT hooks targeting Windows Native ...

CVE-2007-4972

The CVE-2007-4972 issue affects RegMon 7.04 and stems from improper validation of parameters to System Service Descriptor Table (SSDT) function handlers. This flaw allows local users to crash the system and potentially gain privileges via kernel SSDT hooks targeting NtCreateKey and NtOpenKey in W...

CVE-2007-4971

ProSecurity 1.40 Beta 2 contains a vulnerability where parameters passed to System Service Descriptor Table (SSDT) function handlers are not properly validated. This allows a local user to trigger a denial of service (crash) and potentially gain privileges by manipulating kernel SSDT hooks for Wi...

CVE-2007-4972

RegMon 7.04 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via kernel SSDT hooks to the 1 NtCreateKey and 2 NtOpenKey Windows Native API functions...

Design/Logic Flaw

vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service system crash or possibly execute arbitrary code via crafted arguments to the 1...

CVE-2007-2083

vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service system crash or possibly execute arbitrary code via crafted arguments to the 1...

CVE-2007-2083

vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service system crash or possibly execute arbitrary code via crafted arguments to the 1...