CVE-2007-5043

Severity Score

4.4

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Kaspersky Internet Security 7.0.0.125 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to (1) cause a denial of service (crash) and possibly gain privileges via the NtCreateSection kernel SSDT hook or (2) cause a denial of service (avp.exe service outage) via the NtLoadDriver kernel SSDT hook. NOTE: this issue may partially overlap CVE-2006-3074.

Kaspersky Internet Security 7.0.0.125 no valida de forma adecuada ciertos parámetros en los manejadores de función System Service Descriptor Table (SSDT), el cual permite a usuarios locales (1) provocar denegación de servicio (caida) y posiblemente ganar privilegios a través del secuestro de NtCreateSection kernel SSDT o (2) provocar denegación de servicio (apagón del servicio avp.exe) a través del secuestro de NtLoadDriver kernel SSDT. NOTA: este asunto podría estar parcialmente solapado con CVE-2006-3074.

*Credits: N/A

CVSS Scores

NISTv2 4.4

Attack Vector

Local

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-09-23 CVE Reserved
2007-09-24 CVE Published
2023-03-08 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation
CWE-264: Permissions, Privileges, and Access Controls

CAPEC

References (4)

URL	Tag	Source
http://securityreason.com/securityalert/3161	Third Party Advisory
http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php	X_refsource_misc
http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php	X_refsource_misc
http://www.securityfocus.com/archive/1/479830/100/0/threaded	Mailing List

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Kaspersky Lab Search vendor "Kaspersky Lab"		Kaspersky Internet Security Search vendor "Kaspersky Lab" for product "Kaspersky Internet Security"				7.0.0.125 Search vendor "Kaspersky Lab" for product "Kaspersky Internet Security" and version "7.0.0.125"		-		Affected