Unrated severityNVD Advisory· Published Aug 12, 2008· Updated Apr 23, 2026
CVE-2008-2926
CVE-2008-2926
Description
The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request.
Affected products
5- cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ca:host_based_intrusion_prevention_system:r8:*:*:*:*:*:*:*
- cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*
- cpe:2.3:a:ca:personal_firewall_2007:*:*:*:*:*:*:*:*
- cpe:2.3:a:ca:personal_firewall_2008:*:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- secunia.com/advisories/31434nvdPatchVendor Advisory
- www.ca.com/us/securityadvisor/vulninfo/vuln.aspxnvd
- www.securityfocus.com/archive/1/495397/100/0/threadednvd
- www.securityfocus.com/bid/30651nvd
- www.securitytracker.com/idnvd
- www.securitytracker.com/idnvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2008/2339nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/44392nvd
News mentions
0No linked articles in our index yet.