Matousec - Transparent security

4 exploits Active since Feb 2007
CVE-2007-1793 EXPLOITDB c WORKING POC
Symantec Norton Personal Firewall 9.1.0.33/9.1.1.7 DoS via NtCreateMutant/NtOpenEvent
SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.
CVE-2007-2083 EXPLOITDB c WORKING POC
ZoneAlarm Pro < 7.0.302.000 - Denial of Service or Arbitrary Code Execution via NtCreateKey and NtDeleteFile SSDT Hooks
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.
CVE-2007-0708 EXPLOITDB c WORKING POC
Comodo Firewall Pro <2.4.16.174 - DoS
cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) before 2.4.16.174 does not validate arguments that originate in user mode for the (1) NtConnectPort and (2) NtCreatePort hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.
CVE-2007-3086 EXPLOITDB c WORKING POC
Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier - Denial of Service via outpost_ipc_hdr Mutex Capture
Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex.