1. CVE-Search
  2. CVE-2005-3197
ID CVE-2005-3197
Summary Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list.
References
Vulnerable Configurations
  • cpe:2.3:a:webroot_software:desktop_firewall:1.3.0.43:*:*:*:*:*:*:*
    cpe:2.3:a:webroot_software:desktop_firewall:1.3.0.43:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 11-07-2017 - 01:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 15016
confirm http://support.webroot.com/ics/support/KBAnswer.asp?questionID=2332
fulldisc 20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities
misc http://secunia.com/secunia_research/2005-10/advisory/
osvdb 19868
sectrack 1015012
secunia 15745
vupen ADV-2005-1973
xf webroot-pwiwrapper-bo(22529)
Last major update 11-07-2017 - 01:33
Published 14-10-2005 - 10:02
Last modified 11-07-2017 - 01:33
Back to Top