Vulnerabilities > CVE-2007-2965 - Local Security vulnerability in Internet Gatekeeper

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

f-secure

NVD

Published: 2007-05-31

Updated: 2017-07-29

Summary

Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Output Control) and "access validation of the address space."

Vulnerable Configurations

Part	Description	Count
Application	F-Secure F Secure F Secure Anti Virus * F Secure F Secure Anti Virus 2005 F Secure F Secure Anti Virus 2006 F Secure F Secure Anti Virus 2007 F Secure F Secure Anti Virus Client Security * F Secure F Secure Anti Virus Linux Client Security * F Secure F Secure Anti Virus Linux Server Security * F Secure F Secure Internet Security 2005 F Secure F Secure Internet Security 2006 F Secure F Secure Internet Security 2007 F Secure F Secure Protection Service * F Secure Internet Gatekeeper *	19

Summary

Vulnerable Configurations

References