Lucene search
Immunity CanvasESET_EPFWNDISHistorySep 23, 2014 - 3:55 p.m.
Immunity Canvas: ESET_EPFWNDIS
2014-09-2315:55:00
Immunity Canvas
exploitlist.immunityinc.com
29
0.0004 Low
EPSS
Percentile
5.1%
| Name | ESET_EpFwNDIS |
|---|---|
| CVE | CVE-2014-4973 Exploit Pack |
| Notes: | |
| This module exploits a vulnerability on the ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver. | |
| The Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security | |
| products 5.0 through 7.0 are the vulnerable ones. | |
| While processing the input buffer inside the IOCTL 0x830020CC a trusted value condition occurs. The | |
| correct value could be obtained through another IOCTL which has an information leak. Once the correct | |
| value is known a NULL page dereference could be achieved. |
References:
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973/
Tested on:
Windows XP Professional SP3 x86 (ESET Smart Security 7.0.302.0)
VENDOR: ESET
CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4973
CVE Name: CVE-2014-4973
Related
securityvulns
securityvulns
ESET application privilege escalation
2014-08-26 00:00:00
CVE-2014-4973 - Privilege Escalation in ESET Windows Products
2014-08-26 00:00:00
prion
prion
Code injection
2014-09-23 15:55:00
cvelist
cvelist
CVE-2014-4973
2014-09-23 15:00:00
nvd
nvd
CVE-2014-4973
2014-09-23 15:55:06
cve
cve
CVE-2014-4973
2014-09-23 15:55:06