CVE-2008-1737

EPSS 0.06%
Veröffentlicht 30.04.2008 00:10:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sophos ≫ Anti-virus Version7.0.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.145

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://securityreason.com/securityalert/3838

http://www.coresecurity.com/?action=item&id=2249

http://www.securityfocus.com/archive/1/491405/100/0/threaded

http://secunia.com/advisories/29996

Vendor Advisory

http://securitytracker.com/id?1019945

http://www.securityfocus.com/bid/28743

http://www.sophos.com/support/knowledgebase/article/37810.html

http://www.vupen.com/english/advisories/2008/1381

https://exchange.xforce.ibmcloud.com/vulnerabilities/42083

https://nvd.nist.gov/vuln/detail/CVE-2008-1737

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-1737

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-1737

EUVD