|
|
CVE Reference: CVE-2007-5043 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-5043 |
|
|
Description: Kaspersky Internet Security 7.0.0.125 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to (1) cause a denial of service (crash) and possibly gain privileges via the NtCreateSection kernel SSDT hook or (2) cause a denial of service (avp.exe service outage) via the NtLoadDriver kernel SSDT hook. NOTE: this issue may partially overlap CVE-2006-3074. |
|
|
CVE Status: Candidate |
|
|
References: SREASON http://securityreason.com/securityalert/3161 MISC http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/479830/100/0/threaded |
|
| Return to the previous page. |
