Page 41 of 214 results (0.168 seconds)

CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 2

CVE-2008-1471 – Panda Internet Security/AntiVirus+Firewall 2008 - 'CPoint.sys' Memory Corruption

https://notcve.org/view.php?id=CVE-2008-1471

The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory. El dispositivo cpoint.sys driver en Panda Internet Security 2008 y Antivirus+ Firewall 2008 permite a usuarios locales provocar una denegación de servicio (caída del sistema o kernel panic), sobrescribir memoria o ejecutar código de su elección a través de una petición IOCTL manipulada que dispara una escritura en memoria fuera de límite. • https://www.exploit-db.com/exploits/31363 http://secunia.com/advisories/29311 http://www.pandasecurity.com/homeusers/support/card?id=41231&idIdioma=2&ref=ProdExp http://www.pandasecurity.com/homeusers/support/card?id=41337&idIdioma=2&ref=ProdExp http://www.securityfocus.com/archive/1/489292/100/0/threaded http://www.securityfocus.com/bid/28150 http://www.securitytracker.com/id?1019568 http://www.trapkit.de/advisories/TKADV2008-001.txt http://www.vupen.com/english/advisories/2008/0 • CWE-399: Resource Management Errors •

CVSS: 4.9EPSS: 0%CPEs: 56EXPL: 2

CVE-2007-1793 – Symantec (Multiple Products) - 'SPBBCDrv' Driver Local Denial of Service

https://notcve.org/view.php?id=CVE-2007-1793

SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected. El archivo SPBBCDrv.sys en Symantec Norton Personal Firewall 2006 versiones 9.1.0.33 y 9.1.1.7 no comprueba ciertos argumentos antes de ser pasado hacia los controladores de la función SSDT enlazada, lo que permite a los usuarios locales causar una denegación de servicio (bloqueo) o posiblemente ejecutar código arbitrario por medio de argumentos creados para las funciones (1) NtCreateMutant y (2) NtOpenEvent. NOTA: más tarde se informó que Norton Internet Security 2008 versión 15.0.0.60, y posiblemente otras versiones de 2006, también se ven afectados. • https://www.exploit-db.com/exploits/29810 http://osvdb.org/34692 http://secunia.com/advisories/24677 http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php http://www& • CWE-20: Improper Input Validation •

CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 1

CVE-2006-4541 – Internet Security Systems 3.6 BlackICE - Local Denial of Service

https://notcve.org/view.php?id=CVE-2006-4541

RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows local users to cause a denial of service (crash) via a NULL third argument to the NtOpenSection API function. NOTE: it was later reported that 3.6.cqn is also affected. RapDrv.sys en BlackICE PC Protection 3.6.cpn, cpj, cpiE, y posiblemente 3.6 y anteriores, permite a usuarios locales provocar denegación de servicio (caida) a través de un tercer argumento NULL a la función NtOpenSection API. NOTA: Posteriormente fue notificado que 3.6.cqn también se ve afectado. • https://www.exploit-db.com/exploits/28469 http://secunia.com/advisories/21710 http://securityreason.com/securityalert/1512 http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php http://www.osvdb.org/28332 http://www.securityfocus.com/archive/1/444958/100/ • CWE-20: Improper Input Validation •

CVSS: 5.1EPSS: 2%CPEs: 6EXPL: 1

CVE-2006-3992

https://notcve.org/view.php?id=CVE-2006-3992

Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) w22n51.sys, (3) w29n50.sys, and (4) w29n51.sys Microsoft Windows drivers for Intel 2200BG and 2915ABG PRO/Wireless Network Connection before 10.5 with driver 9.0.4.16 allows remote attackers to execute arbitrary code via certain frames that trigger memory corruption. Vulnerabildad no especifica en los controladores Centrino (1) w22n50.sys, (2) w22n51.sys, (3) w29n50.sys, y (4) w29n51.sys Microsoft Windows para Intel 2200BG y 2915ABG PRO/Wireless Network Connection anterior a 10.5 con controlador 9.0.4.16 permite a atacantes remotos ejecutar código de su elección a través de de ciertas ventanas que disparan una corrupción de memoria. • http://securitytracker.com/id?1016621 http://support.intel.com/support/wireless/wlan/sb/CS-023065.htm http://www.kb.cert.org/vuls/id/230208 http://www.securityfocus.com/bid/19298 http://www.vupen.com/english/advisories/2006/3100 •

CVSS: 7.8EPSS: 96%CPEs: 9EXPL: 1

CVE-2006-3942 – Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)

https://notcve.org/view.php?id=CVE-2006-3942

The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (system crash) via an SMB_COM_TRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the ExecuteTransaction function, possibly related to an "SMB PIPE," aka the "Mailslot DOS" vulnerability. ... El controlador de servidor (srv.sys) en Microsoft Windows NT 4.0, 2000, XP, y Server 2003 permite a atacantes remotos provocar una denegación de servicio (caída del sistema) mediante un mensaje SMB_COM_TRANSACTION que contiene una cadena sin terminación de carácter nulo, lo cual lleva a una referencia a NULL en la función ExecuteTransaction, posiblemente relacionado con una "tubería SMB" (SMB PIPE), también conocida como vulnerabilidad "Mailslot DOS". • https://www.exploit-db.com/exploits/2057 http://blogs.technet.com/msrc/archive/2006/07/28/443837.aspx http://secunia.com/advisories/21276 http://securitytracker.com/id?1016606 http://securitytracker.com/id?1017035 http://www.coresecurity.com/common/showdoc.php?idx=562&idxseccion=10 http://www.osvdb.org/27644 http://www.securityfocus.com/archive/1/443287/100/200/threaded http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/19215 • CWE-20: Improper Input Validation •