Lucene search

MitreCVE-2004-2477

HistoryAug 21, 2005 - 4:00 a.m.

CVE-2004-2477

2005-08-2104:00:00

mitre

web.nvd.nist.gov

cve-2004-2477

process guard protection

local users

overwrite

sdt

ntoskrnl.exe

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

25.6%

JSON

DiamondCS Process Guard Free 2.000 allows local users to disable the process guard protection system by overwriting the current Service Descriptor Table (SDT) in \device\physicalmemory with the original SDT found in ntoskrnl.exe.

Affected configurations

Nvd

Node

diamondcsprocess_guard_freeMatch2.000

VendorProductVersionCPE
diamondcsprocess_guard_free2.000cpe:2.3:a:diamondcs:process_guard_free:2.000:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
diamondcs	process_guard_free	2.000	cpe:2.3:a:diamondcs:process_guard_free:2.000:::::::*

References

secunia.com/advisories/12033

www.osvdb.org/7606

www.security.org.sg/vuln/procguard.html

www.securityfocus.com/bid/10675

www.securitytracker.com/alerts/2004/Jul/1010662.html

exchange.xforce.ibmcloud.com/vulnerabilities/16654

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

25.6%

JSON

Related for CVE-2004-2477