CVE-2007-4968 - Vulnerability Details - OpenCVE

Privatefirewall 5.0.14.2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for (1) NtOpenProcess and (2) NtOpenThread.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Privacyware	Privatefirewall

Configuration 1 [-]

cpe:2.3:a:privacyware:privatefirewall:5.0.14.2:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://osvdb.org/45952
http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php
http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php
http://www.securityfocus.com/archive/1/479830/100/0/threaded
http://www.securityfocus.com/bid/25712

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-09-19T01:00:00

Updated: 2024-08-07T15:17:27.858Z

Reserved: 2007-09-18T00:00:00

Link: CVE-2007-4968

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-09-19T01:17:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-4968

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-09-18T00:00:00", "descriptions": [{"lang": "en", "value": "Privatefirewall 5.0.14.2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for (1) NtOpenProcess and (2) NtOpenThread."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "25712", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25712"}, {"tags": ["x_refsource_MISC"], "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"}, {"tags": ["x_refsource_MISC"], "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"}, {"name": "45952", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/45952"}, {"name": "20070918 Plague in (security) software drivers & BSDOhook utility", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2007-4968", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Privatefirewall 5.0.14.2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for (1) NtOpenProcess and (2) NtOpenThread."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "25712", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25712"}, {"name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php", "refsource": "MISC", "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"}, {"name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php", "refsource": "MISC", "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"}, {"name": "45952", "refsource": "OSVDB", "url": "http://osvdb.org/45952"}, {"name": "20070918 Plague in (security) software drivers & BSDOhook utility", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:17:27.858Z"}, "title": "CVE Program Container", "references": [{"name": "25712", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25712"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"}, {"name": "45952", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/45952"}, {"name": "20070918 Plague in (security) software drivers & BSDOhook utility", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4968", "datePublished": "2007-09-19T01:00:00", "dateReserved": "2007-09-18T00:00:00", "dateUpdated": "2024-08-07T15:17:27.858Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:privacyware:privatefirewall:5.0.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "1A90F3EB-FBFA-4C11-8D5C-1CA2CBBD5141", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Privatefirewall 5.0.14.2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for (1) NtOpenProcess and (2) NtOpenThread."}, {"lang": "es", "value": "Privatefirewall 5.0.14.2 no valida adecuadamente ciertos par\u00e1metros a manejadores de funciones de Tablas de Descripci\u00f3n de Servicios del Sistema (SSDT), lo cual permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente obtener privilegios mediante ganchos SSDT del n\u00facleo para (1) NtOpenProcess and (2) NtOpenThread."}], "id": "CVE-2007-4968", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-09-19T01:17:00.000", "references": [{"source": "[email protected]", "url": "http://osvdb.org/45952"}, {"source": "[email protected]", "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"}, {"source": "[email protected]", "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/bid/25712"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/45952"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25712"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "[email protected]", "type": "Primary"}]}