Unrated severityNVD Advisory· Published Sep 19, 2007· Updated Jun 16, 2026
CVE-2007-4967
CVE-2007-4967
Description
Online Armor Personal Firewall 2.0.1.215 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including (1) NtAllocateVirtualMemory, (2) NtConnectPort, (3) NtCreateFile, (4) NtCreateKey, (5) NtCreatePort, (6) NtDeleteFile, (7) NtDeleteValueKey, (8) NtLoadKey, (9) NtOpenFile, (10) NtOpenProcess, (11) NtOpenThread, (12) NtResumeThread, (13) NtSetContextThread, (14) NtSetValueKey, (15) NtSuspendProcess, (16) NtSuspendThread, and (17) NtTerminateThread.
Affected products
2cpe:2.3:a:online_armor:personal_firewall:2.0.1.215:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:online_armor:personal_firewall:2.0.1.215:*:*:*:*:*:*:*
- (no CPE)range: 2.0.1.215
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.