12 matches found
EUVD-2007-5067
Malware in sbrugna...
EUVD-2007-5022
Malware in sbrugna...
EUVD-2004-2468
Malware in sbrugna...
ESTsoft ALYac Anti-Virus 1.5 <= 5.0.1.2 - Privilege Escalation Vulnerability
No description provided by source. ESTsoft ALYac Anti-Virus 1.5 with AYDrvNT.sys = 5.0.1.2 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder$126.com VULNERABLE PRODUCTS ALYac Anti-Virus 1.5 DETAILS: AYDrvNT.sys create a device called AYDrvNTALYAC , and handles the...
ESTsoft ALYac Anti-Virus 1.5 < 5.0.1.2 - Local Privilege Escalation
ESTsoft ALYac Anti-Virus 1.5 with AYDrvNT.sys = 5.0.1.2 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder$126.com VULNERABLE PRODUCTS ALYac Anti-Virus 1.5 DETAILS: AYDrvNT.sys create a device called "AYDrvNTALYAC" , and handles the device io control code = 0x223e2...
ESTsoft ALYac Anti-Virus 1.5 <= 5.0.1.2 Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits ESTsoft ALYac Anti-Virus 1.5 with AYDrvNT.sys = 5.0.1.2 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder$126.com VULNERABLE PRODUCTS ALYac Anti-Virus 1.5 DETAILS: AYDrvNT.sys create a device called...
Input validation
Comodo Firewall Pro before 3.0 does not properly validate certain parameters to hooked System Service Descriptor Table SSDT functions, which allows local users to cause a denial of service system crash via 1 a crafted OBJECTATTRIBUTES structure in a call to the NtDeleteFile function, which leads ...
Code injection
Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service reboot with the product disabled and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateK...
CVE-2007-4968
Privatefirewall 5.0.14.2 does not properly validate certain parameters to System Service Descriptor Table SSDT function handlers, which allows local users to cause a denial of service crash and possibly gain privileges via kernel SSDT hooks for 1 NtOpenProcess and 2 NtOpenThread...
Patching system services at runtime
Patching system services at runtime Although KAV appears to use a filesystem filter, the standard Windows mechanism for intercepting accesses to files specifically designed for applications like anti-virus software, the implementors also used a series of API-level function hooks to intercept...
CVE-2004-2477
DiamondCS Process Guard Free 2.000 allows local users to disable the process guard protection system by overwriting the current Service Descriptor Table SDT in \device\physicalmemory with the original SDT found in ntoskrnl.exe...
CVE-2004-2477
DiamondCS Process Guard Free 2.000 allows local users to disable the process guard protection system by overwriting the current Service Descriptor Table SDT in \device\physicalmemory with the original SDT found in ntoskrnl.exe...