CVE-2007-4969 Information

Description

Process Monitor 1.22 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers which allows local users to cause a denial of service (crash) and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including (1) NtCreateKey (2) NtDeleteValueKey (3) NtLoadKey (4) NtOpenKey (5) NtQueryValueKey (6) NtSetValueKey and (7) NtUnloadKey.

Reference

http://osvdb.org/45953 http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php http://www.securityfocus.com/archive/1/479830/100/0/threaded http://www.securityfocus.com/bid/25719