CA Internet Security Suite vetmonnt.sys驱动本地拒绝服务漏洞

BUGTRAQ ID: 36077 CVECAN ID: CVE-2009-0682 CA Internet Security Suite是为家庭用户提供的综合网络安全解决方案。 Internet Security Suite所使用的vetmonnt.sys驱动没有正确地验证IOCTL调用，本地攻击者可以通过提交恶意的IOCTL请求导致内核崩溃。 Computer Associates Internet Security Suite r5 Computer Associates Internet Security Suite r4 Computer Associates Internet...

CVE-2009-0682

vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before 9.0.0.184 in Internet Security Suite r4, and vetmonnt.sys before 10.0.0.217 in Internet Security Suite r5 do not properly verify IOCTL calls, which allows local users to cause a denial of service system crash via a crafted call...

Code injection

vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before 9.0.0.184 in Internet Security Suite r4, and vetmonnt.sys before 10.0.0.217 in Internet Security Suite r5 do not properly verify IOCTL calls, which allows local users to cause a denial of service system crash via a crafted call...

CVE-2009-0682

CA Internet Security Suite vulnerable to local denial-of-service via IOCTL handling in vetmonnt.sys. Affects CA Internet Security Suite r3, and r4 up to 9.0.0.184, and r5 up to 10.0.0.217. The IOCTL verifier did not properly validate the Irp-buffer, enabling a crafted IOCTL to crash the system. P...

CVE-2006-6496

The 1 VetMONNT.sys and 2 VetFDDNT.sys drivers in CA Anti-Virus 2007 8.1, Anti-Virus for Vista Beta 8.2, and CA Internet Security Suite 2007 v3.0 do not properly handle NULL buffers, which allows local users with administrative access to cause a denial of service system crash via certain IOCTLs...