Page 38 of 198 results (0.327 seconds)

CVSS: 4.9EPSS: 0%CPEs: 56EXPL: 2

CVE-2007-1793 – Symantec (Multiple Products) - 'SPBBCDrv' Driver Local Denial of Service

https://notcve.org/view.php?id=CVE-2007-1793

SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected. El archivo SPBBCDrv.sys en Symantec Norton Personal Firewall 2006 versiones 9.1.0.33 y 9.1.1.7 no comprueba ciertos argumentos antes de ser pasado hacia los controladores de la función SSDT enlazada, lo que permite a los usuarios locales causar una denegación de servicio (bloqueo) o posiblemente ejecutar código arbitrario por medio de argumentos creados para las funciones (1) NtCreateMutant y (2) NtOpenEvent. NOTA: más tarde se informó que Norton Internet Security 2008 versión 15.0.0.60, y posiblemente otras versiones de 2006, también se ven afectados. • https://www.exploit-db.com/exploits/29810 http://osvdb.org/34692 http://secunia.com/advisories/24677 http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php http://www& • CWE-20: Improper Input Validation •

CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 1

CVE-2006-4541 – Internet Security Systems 3.6 BlackICE - Local Denial of Service

https://notcve.org/view.php?id=CVE-2006-4541

RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected. RapDrv.sys en BlackICE PC Protection 3.6.cpn, cpj, cpiE, y posiblemente 3.6 y anteriores, permite a usuarios locales provocar denegación de servicio (caida) a través de un tercer argumento NULL a la función NtOpenSection API. NOTA: Posteriormente fue notificado que 3.6.cqn también se ve afectado. • https://www.exploit-db.com/exploits/28469 http://secunia.com/advisories/21710 http://securityreason.com/securityalert/1512 http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php http://www.osvdb.org/28332 http://www.securityfocus.com/archive/1/444958/100/ • CWE-20: Improper Input Validation •

CVSS: 5.1EPSS: 2%CPEs: 6EXPL: 1

CVE-2006-3992

https://notcve.org/view.php?id=CVE-2006-3992

Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) w22n51.sys, (3) w29n50.sys, and (4) w29n51.sys Microsoft Windows drivers for Intel 2200BG and 2915ABG PRO/Wireless Network Connection before 10.5 with driver 9.0.4.16 allows remote attackers to execute arbitrary code via certain frames that trigger memory corruption. Vulnerabildad no especifica en los controladores Centrino (1) w22n50.sys, (2) w22n51.sys, (3) w29n50.sys, y (4) w29n51.sys Microsoft Windows para Intel 2200BG y 2915ABG PRO/Wireless Network Connection anterior a 10.5 con controlador 9.0.4.16 permite a atacantes remotos ejecutar código de su elección a través de de ciertas ventanas que disparan una corrupción de memoria. • http://securitytracker.com/id?1016621 http://support.intel.com/support/wireless/wlan/sb/CS-023065.htm http://www.kb.cert.org/vuls/id/230208 http://www.securityfocus.com/bid/19298 http://www.vupen.com/english/advisories/2006/3100 •

CVSS: 7.8EPSS: 96%CPEs: 9EXPL: 1

CVE-2006-3942 – Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)

https://notcve.org/view.php?id=CVE-2006-3942

The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. ... El controlador de servidor (srv.sys) en Microsoft Windows NT 4.0, 2000, XP, y Server 2003 permite a atacantes remotos provocar una denegación de servicio (caída del sistema) mediante un mensaje SMB_COM_TRANSACTION que contiene una cadena sin terminación de carácter nulo, lo cual lleva a una referencia a NULL en la función ExecuteTransaction, posiblemente relacionado con una "tubería SMB" (SMB PIPE), también conocida como vulnerabilidad "Mailslot DOS". • https://www.exploit-db.com/exploits/2057 http://blogs.technet.com/msrc/archive/2006/07/28/443837.aspx http://secunia.com/advisories/21276 http://securitytracker.com/id?1016606 http://securitytracker.com/id?1017035 http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10 http://www.osvdb.org/27644 http://www.securityfocus.com/archive/1/443287/100/200/threaded http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/19215 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 94%CPEs: 9EXPL: 1

CVE-2006-1314 – Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)

https://notcve.org/view.php?id=CVE-2006-1314

Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages. Desbordamiento de búfer basado en montículo en Server Service (SRV.SYS driver) de Microsoft Windows 2000 SP4, XP SP1 y SP2, Server de 2003 a SP1 y otros productos, permite a atacantes remotos ejecutar código de su elección a través de mensajes Mailslot de primera clase manipulados lo que dispara una corrupción de memoria y evita las restricciones de tamaño en mensajes Mailslot de segunda clase. • https://www.exploit-db.com/exploits/2057 http://secunia.com/advisories/21007 http://securityreason.com/securityalert/1212 http://www.kb.cert.org/vuls/id/189140 http://www.osvdb.org/27154 http://www.securityfocus.com/archive/1/439773/100/0/threaded http://www.securityfocus.com/bid/18863 http://www.tippingpoint.com/security/advisories/TSRT-06-02.html http://www.us-cert.gov/cas/techalerts/TA06-192A.html http://www.vupen.com/english/advisories/2006/2753 https:// •