CVE-2007-0081 - Sunbelt Kerio Personal Firewall (SKPF) 4.3.268 and 4.3.246, and possibly other versions allows local

CVE-2007-0081

Summary

Sunbelt Kerio Personal Firewall (SKPF) 4.3.268 and 4.3.246, and possibly other versions allows local users to provide a Trojan horse iphlpapi.dll to SKPF by placing it in the installation directory.

References

Vulnerable Configurations

cpe:2.3:a:sunbelt:sunbelt_kerio_personal_firewall:4.3.246:*:*:*:*:*:*:*
cpe:2.3:a:sunbelt:sunbelt_kerio_personal_firewall:4.3.246:*:*:*:*:*:*:*
cpe:2.3:a:sunbelt:sunbelt_kerio_personal_firewall:4.3.268:*:*:*:*:*:*:*
cpe:2.3:a:sunbelt:sunbelt_kerio_personal_firewall:4.3.268:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 16-10-2018 - 16:31)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:S/C:C/I:C/A:C

refmap via4

bid	21828
bugtraq	20070101 Kerio Fake 'iphlpapi' DLL injection Vulnerability
misc	http://www.matousec.com/info/advisories/Kerio-Fake-iphlpapi-DLL-injection.php
osvdb	33356
sreason	2095
xf	kerio-directory-code-execution(31232)

Last major update

16-10-2018 - 16:31

Published

05-01-2007 - 11:28

Last modified

16-10-2018 - 16:31