QwikSec

Security Database

CVE

CWE

Training

CVE-2008-5724

Published: Dec 26, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

The Personal Firewall driver (aka epfw.sys) 3.0.672.0 and earlier in ESET Smart Security 3.0.672 and earlier allows local users to gain privileges via a crafted IRP in a certain METHOD_NEITHER IOCTL request to \Device\Epfw that overwrites portions of memory.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.eset.com/joomla/index.php?option=com_content&task=view&id=4113&Itemid=5

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

http://www.ntinternals.org/ntiadv0807/ntiadv0807.html

x_refsource_MISC

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_BID

smart-security-epfw-privilege-escalation(47477)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.