CVE-2007-4967
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Online Armor Personal Firewall 2.0.1.215 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including (1) NtAllocateVirtualMemory, (2) NtConnectPort, (3) NtCreateFile, (4) NtCreateKey, (5) NtCreatePort, (6) NtDeleteFile, (7) NtDeleteValueKey, (8) NtLoadKey, (9) NtOpenFile, (10) NtOpenProcess, (11) NtOpenThread, (12) NtResumeThread, (13) NtSetContextThread, (14) NtSetValueKey, (15) NtSuspendProcess, (16) NtSuspendThread, and (17) NtTerminateThread.
Online Armor Personal Firewall 2.0.1.215 no valida adecuadamente ciertos parámetros a los manejadores de funciones de Tablas de Descripción de Servicios del Sistema (SSDT), lo cual permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente obtener privilegios mediante ganchos SSDT del núcleo para funciones de la API nativa de Windows entre las que se incluyen (1) NtAllocateVirtualMemory, (2) NtConnectPort, (3) NtCreateFile, (4) NtCreateKey, (5) NtCreatePort, (6) NtDeleteFile, (7) NtDeleteValueKey, (8) NtLoadKey, (9) NtOpenFile, (10) NtOpenProcess, (11) NtOpenThread, (12) NtResumeThread, (13) NtSetContextThread, (14) NtSetValueKey, (15) NtSuspendProcess, (16) NtSuspendThread, y (17) NtTerminateThread.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-09-18 CVE Reserved
- 2007-09-19 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/45951 | Vdb Entry | |
| http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php | X_refsource_misc | |
| http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php | X_refsource_misc | |
| http://www.securityfocus.com/archive/1/479830/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/25711 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Online Armor Search vendor "Online Armor" | Personal Firewall Search vendor "Online Armor" for product "Personal Firewall" | 2.0.1.215 Search vendor "Online Armor" for product "Personal Firewall" and version "2.0.1.215" | - |
Affected
| ||||||