CVE-2008-5724 – ESET Smart Security 3.0.672 - 'epfw.sys' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2008-5724
The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ESET Smart Security 3.0.672 and earlier allows local users to gain privileges via a crafted IRP in a certain METHOD_NEITHER IOCTL request to \Device\Epfw that overwrites portions of memory. El driver de Personal Firewall (también conocido como epfw.sys) 3.0.672.0 y anteriores en ESET Smart Security 3.0.672 y anteriores permite a usuarios locales obtener privilegios mediante un IRP manipulado en una petición METHOD_NEITHER IOCTL a \Device\Epfw que sobrescribe porciones de memoria. • https://www.exploit-db.com/exploits/7516 http://secunia.com/advisories/33210 http://www.eset.com/joomla/index.php?option=com_content&task=view&id=4113&Itemid=5 http://www.ntinternals.org/ntiadv0807/ntiadv0807.html http://www.securityfocus.com/bid/32917 http://www.vupen.com/english/advisories/2008/3456 https://exchange.xforce.ibmcloud.com/vulnerabilities/47477 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-5527
https://notcve.org/view.php?id=CVE-2008-5527
ESET Smart Security, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. ESET Smart Security, cuando se utiliza Internet Explorer 6 o 7, permite a atacantes remotos eludir la detección de malware en un documento HTML colocando una cabecera MZ (alias "EXE info") al principio, y modificar el nombre del archivo a (1 ) sin extensión, (2) una extensión. txt, o (3) una extensión .jpg, como lo demuestra un documento que contiene un exploit CVE-2006-5745. • http://securityreason.com/securityalert/4723 http://www.securityfocus.com/archive/1/498995/100/0/threaded http://www.securityfocus.com/archive/1/499043/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/47435 • CWE-20: Improper Input Validation •