Lucene search
MitreCVE-2007-4968HistorySep 19, 2007 - 1:17 a.m.
CVE-2007-4968
2007-09-1901:17:00
CWE-20
mitre
web.nvd.nist.gov
20
cve-2007-4968
privatefirewall
ssdt
ntopenprocess
ntopenthread
denial of service
privilege escalation
kernel security
CVSS2
4.4
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
High
EPSS
0
Percentile
5.1%
Privatefirewall 5.0.14.2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for (1) NtOpenProcess and (2) NtOpenThread.
Affected configurations
Node
privacywareprivatefirewallMatch5.0.14.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| privacyware | privatefirewall | 5.0.14.2 | cpe:2.3:a:privacyware:privatefirewall:5.0.14.2:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2007-09-19 01:17:00
nvd
nvd
CVE-2007-4968
2007-09-19 01:17:00
cvelist
cvelist
CVE-2007-4968
2007-09-19 01:00:00
CVSS2
4.4
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2007-4968