CORE FORCE before 0.95.172 does not properly validate arguments to SSDT hook handler functions in the Registry module, which allows local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments.
References
Configurations
History
No history.
Information
Published : 2008-01-18 23:00
Updated : 2024-02-04 17:13
NVD link : CVE-2008-0366
Mitre link : CVE-2008-0366
CVE.ORG link : CVE-2008-0366
JSON object : View
Products Affected
core_security_technologies
- core_force
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer