CVE-2009-2450 Information

Description

The OAmon.sys kernel driver 3.1.0.0 and earlier in Tall Emu Online Armor Personal Firewall AV+ before 3.5.0.12 and Personal Firewall 3.5 before 3.5.0.14 allows local users to gain privileges via crafted METHOD_NEITHER IOCTL requests to \Device\OAmon containing arbitrary kernel addresses as demonstrated using the 0x830020C3 IOCTL.

Reference

http://milw0rm.com/sploits/2009-OAmon_Exp.zip http://www.exploit-db.com/exploits/8875 http://www.ntinternals.org/ntiadv0806/ntiadv0806.html http://www.securityfocus.com/bid/35227 https://exchange.xforce.ibmcloud.com/vulnerabilities/50960