CVE-2008-1735 - BitDefender Antivirus 2008 20080118 and earlier allows local users to cause a denial of service (sys

CVE-2008-1735

Summary

BitDefender Antivirus 2008 20080118 and earlier allows local users to cause a denial of service (system crash) via an invalid pointer to the CLIENT_ID structure in a call to the NtOpenProcess hooked System Service Descriptor Table (SSDT) function.

References

Vulnerable Configurations

cpe:2.3:a:bitdefender:antivirus:2008:*:*:*:*:*:*:*
cpe:2.3:a:bitdefender:antivirus:2008:*:*:*:*:*:*:*

CVSS

Base:	4.9 (as of 11-10-2018 - 20:36)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	28741
bugtraq	20080428 CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls
misc	http://kb.bitdefender.com/KB419-en--Security-vulnerability-in-BitDefender-2008.html http://www.coresecurity.com/?action=item&id=2249
sectrack	1019943
secunia	30005
sreason	3838
vupen	ADV-2008-1384
xf	bitdefender-ssdt-dos(42081)

Last major update

11-10-2018 - 20:36

Published

30-04-2008 - 00:10

Last modified

11-10-2018 - 20:36