Vulnerabilities > Improper Input Validation

DATE	CVE	VULNERABILITY TITLE	RISK
2007-09-24	CVE-2007-5043	Improper Input Validation vulnerability in Kaspersky LAB Kaspersky Internet Security 7.0.0.125 Kaspersky Internet Security 7.0.0.125 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to (1) cause a denial of service (crash) and possibly gain privileges via the NtCreateSection kernel SSDT hook or (2) cause a denial of service (avp.exe service outage) via the NtLoadDriver kernel SSDT hook. local kaspersky-lab CWE-20	4.4
2007-09-24	CVE-2007-5041	Improper Input Validation vulnerability in Gdata Internetsecurity 2007 G DATA InternetSecurity 2007 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey and (2) NtOpenProcess kernel SSDT hooks. local low complexity gdata CWE-20	4.6
2007-09-24	CVE-2007-5040	Improper Input Validation vulnerability in Ghostsecurity Ghost Security Suite Alpha1.200 Ghost Security Suite alpha 1.200 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtCreateThread, (3) NtDeleteValueKey, (4) NtQueryValueKey, (5) NtSetSystemInformation, and (6) NtSetValueKey kernel SSDT hooks. local low complexity ghostsecurity CWE-20	2.1
2007-09-24	CVE-2007-5039	Improper Input Validation vulnerability in Ghostsecurity Ghost Security Suite 1.110Beta Ghost Security Suite beta 1.110 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteValueKey, (3) NtQueryValueKey, (4) NtSetSystemInformation, and (5) NtSetValueKey kernel SSDT hooks. local low complexity ghostsecurity CWE-20	2.1
2007-09-24	CVE-2007-5036	Improper Input Validation vulnerability in Airdefense Airsensor M520 Multiple buffer overflows in the AirDefense Airsensor M520 with firmware 4.3.1.1 and 4.4.1.4 allow remote authenticated users to cause a denial of service (HTTPS service outage) via a crafted query string in an HTTPS request to (1) adLog.cgi, (2) post.cgi, or (3) ad.cgi, related to the "files filter." network low complexity airdefense CWE-20	5.0
2007-09-21	CVE-2007-5031	Improper Input Validation vulnerability in Dibbler 0.6.0 The TSrvOptIA_NA::rebind method in SrvOptions/SrvOptIA_NA.cpp in Dibbler 0.6.0 allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via an invalid IA_NA option in a REBIND message. network low complexity dibbler CWE-20	5.0
2007-09-21	CVE-2007-5029	Improper Input Validation vulnerability in Dibbler 0.6.0 Dibbler 0.6.0 does not verify that certain length parameters are appropriate for buffer sizes, which allows remote attackers to trigger a buffer over-read and cause a denial of service (daemon crash), as demonstrated by incorrect behavior of the TSrvMsg constructor in SrvMessages/SrvMsg.cpp when (1) reading the option code and option length and (2) parsing options. network low complexity dibbler CWE-20	5.0
2007-09-19	CVE-2007-4971	Improper Input Validation vulnerability in Isecsoft Prosecurity 1.40Beta2 ProSecurity 1.40 Beta 2 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for Windows Native API functions including (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenSection, and (5) NtSetSystemTime. local isecsoft CWE-20	4.4
2007-09-19	CVE-2007-4970	Improper Input Validation vulnerability in Diamondcs Processguard 3.410 ProcessGuard 3.410 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks for Windows Native API functions including (1) NtCreateFile, (2) NtCreateKey, (3) NtDeleteValueKey, (4) NtOpenFile, (5) NtOpenKey, and (6) NtSetValueKey. local diamondcs CWE-20	4.4
2007-09-19	CVE-2007-4969	Improper Input Validation vulnerability in Sysinternals Process Monitor 1.22 Process Monitor 1.22 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via unspecified kernel SSDT hooks for Windows Native API functions including (1) NtCreateKey, (2) NtDeleteValueKey, (3) NtLoadKey, (4) NtOpenKey, (5) NtQueryValueKey, (6) NtSetValueKey, and (7) NtUnloadKey. local sysinternals CWE-20	4.4

Vulnerabilities > Improper Input Validation {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Improper Input Validation"}]}

Vulnerabilities > Improper Input Validation