CyberSec.Space Logo
CVEブラウザに戻る

CVE-2007-0333

HIGH
7.2
CVSS Severity Score
EPSS Score0.1270%
EPSS Percentile41.61th
Published2007年1月18日
Last Modified2026年4月23日

Vulnerability Description

Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.

Affected Platforms (CPE)

📦
Agnitum

Outpost Firewall

= 4.0

References & Advisories

🔗 http://osvdb.org/33480
🔗 http://securityreason.com/securityalert/2163
🔗 http://www.matousec.com/info/advisories/Outpost-Bypassing-Self-Protection-using-file-links.php
🔗 http://www.securityfocus.com/archive/1/456973/100/0/threaded
🔗 http://www.securityfocus.com/bid/22069
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/31529
🔗 http://osvdb.org/33480
🔗 http://securityreason.com/securityalert/2163

関連する脆弱性情報

CVE-2006-36977.2

Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell Bord...

CVE-2004-25547.2

Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYST...

CVE-2004-24725.0

Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, inva...

CVE-2006-57214.9

The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash...