CVE-2007-1194 Information

Description

Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT) entries which allows local users to determine that the local machine is an emulator or a similar environment not based on a physical Intel processor which allows attackers to produce malware that is more difficult to analyze.

Reference

http://osvdb.org/34955 http://www.ntsecurity.nu/onmymind/2007/2007-02-27.html http://www.securityfocus.com/archive/1/461555/100/0/threaded http://www.securityfocus.com/archive/1/461804/100/100/threaded http://www.securityfocus.com/archive/1/461805/100/100/threaded