Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3197

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2005-3197
Last Modified 07 Mar 2011 09:26:00
Published 14 Oct 2005 06:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-3197

Summary

Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list.

Vulnerable Systems

Application

  • Webroot Software Desktop Firewall 1.3.0.43


References

XF - webroot-pwiwrapper-bo(22529)

BID - 15016

MISC - http://secunia.com/secunia_research/2005-10/advisory/

SECUNIA - 15745

VUPEN - ADV-2005-1973

CONFIRM - http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332

OSVDB - 19868

SECTRACK - 1015012

FULLDISC - 20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities


Last Updated: 27 May 2016 10:40:50