VYPR
Unrated severityNVD Advisory· Published Sep 19, 2007· Updated Jun 16, 2026

CVE-2007-4967

CVE-2007-4967

Description

Online Armor Personal Firewall 2.0.1.215 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including (1) NtAllocateVirtualMemory, (2) NtConnectPort, (3) NtCreateFile, (4) NtCreateKey, (5) NtCreatePort, (6) NtDeleteFile, (7) NtDeleteValueKey, (8) NtLoadKey, (9) NtOpenFile, (10) NtOpenProcess, (11) NtOpenThread, (12) NtResumeThread, (13) NtSetContextThread, (14) NtSetValueKey, (15) NtSuspendProcess, (16) NtSuspendThread, and (17) NtTerminateThread.

Affected products

2
  • cpe:2.3:a:online_armor:personal_firewall:2.0.1.215:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:online_armor:personal_firewall:2.0.1.215:*:*:*:*:*:*:*
    • (no CPE)range: 2.0.1.215

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.