Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function.
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
| Link | Tags |
|---|---|
| http://secunia.com/advisories/29996 | third party advisory vendor advisory |
| http://www.securityfocus.com/bid/28743 | vdb entry |
| http://securityreason.com/securityalert/3838 | third party advisory |
| http://www.vupen.com/english/advisories/2008/1381 | vdb entry |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42083 | vdb entry |
| http://www.coresecurity.com/?action=item&id=2249 | |
| http://www.sophos.com/support/knowledgebase/article/37810.html | |
| http://www.securityfocus.com/archive/1/491405/100/0/threaded | mailing list |
| http://securitytracker.com/id?1019945 | vdb entry |