6 matches found
Code injection
Kaspersky Internet Security 7.0.0.125 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to 1 cause a denial of service crash and possibly gain privileges via the NtCreateSection kernel SSDT hook or 2 cause a denial of...
CVE-2007-5043
The CVE-2007-5043 entry affects Kaspersky Internet Security 7.0.0.125, where the kernel driver layer (kylif.sys) does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers. This insecure handling enables local attackers to cause a denial of service (...
CVE-2007-5043
Kaspersky Internet Security 7.0.0.125 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to 1 cause a denial of service crash and possibly gain privileges via the NtCreateSection kernel SSDT hook or 2 cause a denial of...
CVE-2007-4971
ProSecurity 1.40 Beta 2 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via kernel SSDT hooks for Windows Native API functions including 1 NtCreateKey,...
CVE-2007-4971
ProSecurity 1.40 Beta 2 contains a vulnerability where parameters passed to System Service Descriptor Table (SSDT) function handlers are not properly validated. This allows a local user to trigger a denial of service (crash) and potentially gain privileges by manipulating kernel SSDT hooks for Wi...
CVE-2006-5153
The 1 fwdrv.sys and 2 khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to caus...