Lucene search

MitreCVE-2007-4971

HistorySep 19, 2007 - 1:17 a.m.

CVE-2007-4971

2007-09-1901:17:00

CWE-20

mitre

web.nvd.nist.gov

prosecurity

vulnerability

ssdt

ntcreatekey

ntdeletefile

ntloaddriver

ntopensection

ntsetsystemtime

windows native api

nvd

cve-2007-4971

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

High

EPSS

Percentile

5.1%

JSON

ProSecurity 1.40 Beta 2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for Windows Native API functions including (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenSection, and (5) NtSetSystemTime.

Affected configurations

Nvd

Node

isecsoftprosecurityMatch1.40_beta_2

VendorProductVersionCPE
isecsoftprosecurity1.40_beta_2cpe:2.3:a:isecsoft:prosecurity:1.40_beta_2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
isecsoft	prosecurity	1.40_beta_2	cpe:2.3:a:isecsoft:prosecurity:1.40_beta_2:::::::*

References

osvdb.org/45956

www.matousec.com/info/advisories/plague-in-security-software-drivers.php

www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php

www.securityfocus.com/archive/1/479830/100/0/threaded

www.securityfocus.com/bid/25718

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-4971