VYPR
Unrated severityNVD Advisory· Published Sep 19, 2007· Updated Jun 16, 2026

CVE-2007-4969

CVE-2007-4969

Description

Process Monitor 1.22 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including (1) NtCreateKey, (2) NtDeleteValueKey, (3) NtLoadKey, (4) NtOpenKey, (5) NtQueryValueKey, (6) NtSetValueKey, and (7) NtUnloadKey.

Affected products

2
  • cpe:2.3:a:sysinternals:process_monitor:1.22:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:sysinternals:process_monitor:1.22:*:*:*:*:*:*:*
    • (no CPE)range: 1.22

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.