Vulnerability Details CVE-2006-7160
The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.6%
CVSS Severity
CVSS v2 Score 4.9
References
- http://secunia.com/advisories/22913
- http://securityreason.com/securityalert/2376
- http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php
- http://www.securityfocus.com/archive/1/451672/100/0/threaded
- http://www.securityfocus.com/bid/21097
- http://www.vupen.com/english/advisories/2006/4537
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30312
- http://secunia.com/advisories/22913
- http://securityreason.com/securityalert/2376
- http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php
- http://www.securityfocus.com/archive/1/451672/100/0/threaded
- http://www.securityfocus.com/bid/21097
- http://www.vupen.com/english/advisories/2006/4537
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30312
Products affected by CVE-2006-7160
-
cpe:2.3:a:agnitum:outpost_firewall:*