CVE-2008-5724
First published: Fri Dec 26 2008(Updated: )
The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ESET Smart Security 3.0.672 and earlier allows local users to gain privileges via a crafted IRP in a certain METHOD_NEITHER IOCTL request to \Device\Epfw that overwrites portions of memory.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ESET Smart Security | <=3.0.672 | |
| ESET Smart Security | =3.0.551 | |
| ESET Smart Security | =3.0.560 | |
| ESET Smart Security | =3.0.563 | |
| ESET Smart Security | =3.0.621 | |
| ESET Smart Security | =3.0.642 | |
| ESET Smart Security | =3.0.650 | |
| ESET Smart Security | =3.0.657 | |
| ESET Smart Security | =3.0.667 | |
| ESET Smart Security | =3.0.669 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.eset.com/joomla/index.php?option=com_content&task=view&id=4113&Itemid=5
- http://www.ntinternals.org/ntiadv0807/ntiadv0807.html
- http://secunia.com/advisories/33210
- http://www.securityfocus.com/bid/32917
- http://www.vupen.com/english/advisories/2008/3456
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47477
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/severity
- agent/weakness
- agent/softwarecombine
- agent/author
- agent/description
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/eset
- canonical/eset smart security
- version/eset smart security/3.0.672
- version/eset smart security/3.0.551
- version/eset smart security/3.0.560
- version/eset smart security/3.0.563
- version/eset smart security/3.0.621
- version/eset smart security/3.0.642
- version/eset smart security/3.0.650
- version/eset smart security/3.0.657
- version/eset smart security/3.0.667
- version/eset smart security/3.0.669