Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0365

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-0365
Last Modified 07 Mar 2011 10:04:23
Published 18 Jan 2008 06:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-0365

Summary

Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments to (1) IOCTL functions in the Firewall module or (2) SSDT hook handler functions in the Registry module.

Vulnerable Systems

Application

  • Core Security Technologies Core Force 0.95.167


References

VUPEN - ADV-2008-0242

BID - 27341

BUGTRAQ - 20080117 CORE-2007-1119: CORE FORCE Kernel Buffer Overflow

CONFIRM - http://www.coresecurity.com/?action=item&id=2025

XF - coreforce-firewall-registry-bo(39758)

SECTRACK - 1019245

SREASON - 3555

CONFIRM - http://force.coresecurity.com/index.php?module=articles&func=display&aid=32


Last Updated: 27 May 2016 10:46:46