Privacyware: >> Privatefirewall Security Vulnerabilities
Privatefirewall 5.0.14.2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for (1) NtOpenProcess and (2) NtOpenThread.
CVSS Score
4.4
EPSS Score
0.001
Published
2007-09-19
Privacyware Privatefirewall 3.0 does not block certain incoming packets when in "Filter Internet Traffic" or Deny Internet Traffic" modes, which allows remote attackers to identify running services via FIN scans or Xmas scans.
CVSS Score
5.0
EPSS Score
0.005
Published
2003-07-02