7.2
CVE-2009-2450
- EPSS 0.32%
- Veröffentlicht 13.07.2009 17:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe OAmon.sys kernel driver 3.1.0.0 and earlier in Tall Emu Online Armor Personal Firewall AV+ before 3.5.0.12, and Personal Firewall 3.5 before 3.5.0.14, allows local users to gain privileges via crafted METHOD_NEITHER IOCTL requests to \Device\OAmon containing arbitrary kernel addresses, as demonstrated using the 0x830020C3 IOCTL.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Tallemu ≫ Personal Firewall Version <= 3.5.0.13
Tallemu ≫ Personal Firewall Version3.5.0.1
Tallemu ≫ Personal Firewall Version3.5.0.2
Tallemu ≫ Personal Firewall Version3.5.0.3
Tallemu ≫ Personal Firewall Version3.5.0.4
Tallemu ≫ Personal Firewall Version3.5.0.5
Tallemu ≫ Personal Firewall Version3.5.0.6
Tallemu ≫ Personal Firewall Version3.5.0.7
Tallemu ≫ Personal Firewall Version3.5.0.8
Tallemu ≫ Personal Firewall Version3.5.0.9
Tallemu ≫ Personal Firewall Version3.5.0.10
Tallemu ≫ Personal Firewall Version3.5.0.11
Tallemu ≫ Personal Firewall Version3.5.0.12
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.32% | 0.541 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.