Lucene search
MitreCVE-2007-4972HistorySep 19, 2007 - 1:17 a.m.
CVE-2007-4972
2007-09-1901:17:00
CWE-264
mitre
web.nvd.nist.gov
26
cve-2007-4972
regmon
validation
ssdt
denial of service
privilege escalation
ntcreatekey
ntopenkey
windows native api
nvd
CVSS2
1.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
AI Score
6.5
Confidence
High
EPSS
0
Percentile
5.1%
RegMon 7.04 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks to the (1) NtCreateKey and (2) NtOpenKey Windows Native API functions.
Affected configurations
Node
sysinternalsregmonMatch7.04
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sysinternals | regmon | 7.04 | cpe:/a:sysinternals:regmon:7.04::: |
Related
nvd
nvd
CVE-2007-4972
2007-09-19 01:17:00
prion
prion
Authentication flaw
2007-09-19 01:17:00
cvelist
cvelist
CVE-2007-4972
2007-09-19 01:00:00
CVSS2
1.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
AI Score
6.5
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2007-4972