Lucene search

[email protected]NVD:CVE-2007-4969

HistorySep 19, 2007 - 1:17 a.m.

CVE-2007-4969

2007-09-1901:17:00

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

High

EPSS

Percentile

5.1%

JSON

Process Monitor 1.22 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including (1) NtCreateKey, (2) NtDeleteValueKey, (3) NtLoadKey, (4) NtOpenKey, (5) NtQueryValueKey, (6) NtSetValueKey, and (7) NtUnloadKey.

Affected configurations

Nvd

Node

sysinternalsprocess_monitorMatch1.22

VendorProductVersionCPE
sysinternalsprocess_monitor1.22cpe:2.3:a:sysinternals:process_monitor:1.22:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sysinternals	process_monitor	1.22	cpe:2.3:a:sysinternals:process_monitor:1.22:::::::*

References

osvdb.org/45953

www.matousec.com/info/advisories/plague-in-security-software-drivers.php

www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php

www.securityfocus.com/archive/1/479830/100/0/threaded

www.securityfocus.com/bid/25719

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2007-4969

cve1 prion1 cvelist1