CVE-2004-0767

Properties

Published:
17.08.2004
Updated:
20.10.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:N/I:N/A:C/B:N) Approximated
    Product:
    NGSEC: StackDefender

    Vulnerability description

    NGSEC StackDefender 1.10 allows attackers to cause a denial of service (system crash) via an invalid address for the ObjectAttribues parameter to the hooks for the (1) ZwCreateFile or (2) ZwOpenFile functions.

    References:

    iDEFENSE: http://www.idefense.com/application/poi/display?id=118&type=vulnerabilities&flashstatus=false
    MISC: http://www.idefense.com/application/poi/display?id=118&type=vulnerabilities&flashstatus=false
    XF: http://xforce.iss.net/xforce/xfdb/16879