CVE-2006-3787

2006-07-2121:00:00

mitre

www.cve.org

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.7%

JSON

kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass protection mechanisms by calling CreateRemoteThread.

References

secunia.com/advisories/21060

securityreason.com/securityalert/1260

www.matousec.com/info/advisories/Kerio-Terminating-kpf4ss-exe-using-internal-runtime-error.php

www.securityfocus.com/archive/1/440112/100/100/threaded

www.securityfocus.com/bid/18996

www.vupen.com/english/advisories/2006/2828