← Voltar para CVEs

CVE-2007-5040

N/A

Descricao

Ghost Security Suite alpha 1.200 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtCreateThread, (3) NtDeleteValueKey, (4) NtQueryValueKey, (5) NtSetSystemInformation, and (6) NtSetValueKey kernel SSDT hooks.

Detalhes CVE

Pontuacao CVSS v3.1N/A

Publicado9/24/2007

Ultima modificacao4/23/2026

Fontenvd

Avistamentos honeypot0

Produtos afetados

ghostsecurity:ghost_security_suite

Fraquezas (CWE)

CWE-20CWE-264

Referencias

http://securityreason.com/securityalert/3161(cve@mitre.org)

http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php(cve@mitre.org)

http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php(cve@mitre.org)

http://www.securityfocus.com/archive/1/479830/100/0/threaded(cve@mitre.org)

http://securityreason.com/securityalert/3161(af854a3a-2127-422b-91ae-364da2661108)

http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php(af854a3a-2127-422b-91ae-364da2661108)

http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/archive/1/479830/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.