Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1737

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2008-1737
Last Modified 07 Mar 2011 10:07:33
Published 29 Apr 2008 08:10:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1737

Summary

Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function.

Vulnerable Systems

Application

  • Sophos Anti-virus 7.0.5


References

XF - sophos-ssdt-dos(42083)

VUPEN - ADV-2008-1381

CONFIRM - http://www.sophos.com/support/knowledgebase/article/37810.html

BID - 28743

BUGTRAQ - 20080428 CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls

MISC - http://www.coresecurity.com/?action=item&id=2249

SECTRACK - 1019945

SREASON - 3838

SECUNIA - 29996


Last Updated: 27 May 2016 10:47:38