CVE-2014-4974: Infoleak
First published: Tue Nov 04 2014(Updated: )
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory via crafted IOCTL calls.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ESET Personal Firewall NDIS filter | <=1183_\(20140214\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/128874/ESET-7.0-Kernel-Memory-Leak.html
- http://seclists.org/fulldisclosure/2014/Oct/118
- http://www.securityfocus.com/bid/70770
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98312
- https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4974/
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/tags
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- vendor/eset
- canonical/eset personal firewall ndis filter
- version/eset personal firewall ndis filter/1183_\(20140214\)