CVE-2004-0766

Properties

Published:
17.08.2004
Updated:
20.10.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:N/I:N/A:C/B:N) Approximated
    Product:
    NGSEC: StackDefender

    Vulnerability description

    NGSEC StackDefender 2.0 allows attackers to cause a denial of service (system crash) via an invalid address for the BaseAddress parameter to the hooks for the (1) ZwAllocateVirtualMemory or (2) ZwProtectVirtualMemory functions.

    References:

    iDEFENSE: http://www.idefense.com/application/poi/display?id=119&type=vulnerabilities&flashstatus=false
    MISC: http://www.idefense.com/application/poi/display?id=119&type=vulnerabilities&flashstatus=false
    XF: http://xforce.iss.net/xforce/xfdb/16892