Vulnerability Details CVE-2009-0682
vetmonnt.sys in CA Internet Security Suite r3, vetmonnt.sys before 9.0.0.184 in Internet Security Suite r4, and vetmonnt.sys before 10.0.0.217 in Internet Security Suite r5 do not properly verify IOCTL calls, which allows local users to cause a denial of service (system crash) via a crafted call.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.5%
CVSS Severity
CVSS v2 Score 2.1
References
- http://en.securitylab.ru/lab/PT-2009-05
- http://osvdb.org/57228
- http://www.securityfocus.com/archive/1/505880/100/0/threaded
- http://www.securityfocus.com/archive/1/506103/100/0/threaded
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214673
- http://en.securitylab.ru/lab/PT-2009-05
- http://osvdb.org/57228
- http://www.securityfocus.com/archive/1/505880/100/0/threaded
- http://www.securityfocus.com/archive/1/506103/100/0/threaded
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214673
Products affected by CVE-2009-0682
-
cpe:2.3:a:ca:internet_security_suite:*
-
cpe:2.3:a:ca:internet_security_suite:10.0.0.217
-
cpe:2.3:a:ca:internet_security_suite:9.0.0.184