EUVD-2006-4529

Malware in sbrugna...

Code injection

Norton Internet Security 2008 15.0.0.60 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via the NtOpenSection kernel SSDT hook. NOTE: the NtCreateMutan...

CVE-2007-5047

The vulnerability CVE-2007-5047 affects Norton Internet Security 2008 (build 15.0.0.60) where NtOpenSection SSDT hooks are not properly validating parameters passed to SSDT function handlers, enabling local users to trigger a crash (DoS) and potentially gain privileges via the kernel NtOpenSectio...

CVE-2007-4971

ProSecurity 1.40 Beta 2 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via kernel SSDT hooks for Windows Native API functions including 1 NtCreateKey,...

CVE-2007-4971

ProSecurity 1.40 Beta 2 contains a vulnerability where parameters passed to System Service Descriptor Table (SSDT) function handlers are not properly validated. This allows a local user to trigger a denial of service (crash) and potentially gain privileges by manipulating kernel SSDT hooks for Wi...

Code injection

cmdmon.sys in Comodo Firewall Pro formerly Comodo Personal Firewall 2.4.16.174 and earlier does not validate arguments that originate in user mode for the 1 NtCreateSection, 2 NtOpenProcess, 3 NtOpenSection, 4 NtOpenThread, and 5 NtSetValueKey hooked SSDT functions, which allows local users to...

ISS BlackICE NtOpenSection()本地拒绝服务漏洞

BlackICE是一款Internet Security Systems公司发布的桌面防火墙系统。 BlackICE的rapdrv.sys驱动在处理NtOpenSection API钩子的对象属性参数时存在漏洞，攻击者可以利用将第三方参数设置为NULL的NtOpenSection API导致防火墙崩溃。 ISS BlackICE PC Protection 3.6 我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://xforce.iss.net / Testing program for Insufficient validation of arguments of...

CVE-2006-4541

RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service crash via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected...

CVE-2006-4541

CVE-2006-4541 affects RapDrv.sys in BlackICE PC Protection 3.6.x and earlier variants, where a NULL third argument passed to NtOpenSection can crash the system, enabling local denial of service. The vulnerability is tied to the driver’s handling of NtOpenSection arguments. No exploitation details...

ISS BlackICE PC Protection DoS

Invalid NtOpenSection hook causes sytem to crash if 3rd paramter is NULL...

ISS BlackICE PC Protection Insufficient validation of arguments of NtOpenSection Vulnerability

Hello, I would like to inform you about a vulnerability in BlackICE PC Protection driver found by Matousec - Transparent security. Description: Hooking SSDT functions requires extra caution. SSDT function handlers are executed in the kernel mode but their callers are executed in the user mode...

[SA21710] BlackICE PC Protection "NtOpenSection()" Denial of Service

TITLE: BlackICE PC Protection "NtOpenSection" Denial of Service SECUNIA ADVISORY ID: SA21710 VERIFY ADVISORY: http://secunia.com/advisories/21710/ CRITICAL: Not critical IMPACT: DoS WHERE: Local system SOFTWARE: BlackICE PC Protection 3.x http://secunia.com/product/1702/ DESCRIPTION: David Matous...

CVE-2006-3074

KVE-2006-3074 affects Kaspersky Internet Security 6.0/7.0 and KAV 6.0/7.0 (Windows Workstations/Servers). The vulnerability arises from insufficient validation of parameters to hooked system calls (NtCreateKey, NtCreateProcess, NtCreateProcessEx, NtCreateSection, NtCreateSymbolicLinkObject, NtCre...