CVE-2014-4974 Information

Description

The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver aka Personal Firewall module before Build 1212 (20140609) as used in multiple ESET products 5.0 through 7.0 allows local users to obtain sensitive information from kernel memory via crafted IOCTL calls.

Reference

http://packetstormsecurity.com/files/128874/ESET-7.0-Kernel-Memory-Leak.html http://seclists.org/fulldisclosure/2014/Oct/118 http://www.securityfocus.com/bid/70770 https://exchange.xforce.ibmcloud.com/vulnerabilities/98312 https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4974/