← Retour aux CVEs

CVE-2007-5040

N/A

Description

Ghost Security Suite alpha 1.200 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtCreateThread, (3) NtDeleteValueKey, (4) NtQueryValueKey, (5) NtSetSystemInformation, and (6) NtSetValueKey kernel SSDT hooks.

Details CVE

Score CVSS v3.1N/A

Publie9/24/2007

Derniere modification4/23/2026

Sourcenvd

Observations honeypot0

Produits affectes

ghostsecurity:ghost_security_suite

Faiblesses (CWE)

CWE-20CWE-264

References

http://securityreason.com/securityalert/3161(cve@mitre.org)

http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php(cve@mitre.org)

http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php(cve@mitre.org)

http://www.securityfocus.com/archive/1/479830/100/0/threaded(cve@mitre.org)

http://securityreason.com/securityalert/3161(af854a3a-2127-422b-91ae-364da2661108)

http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php(af854a3a-2127-422b-91ae-364da2661108)

http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/archive/1/479830/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.