Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sophos Anti-Virus SSDT函数本地拒绝服务漏洞
Vulnerability Description
Sophos Anti-Virus是英国Sophos公司的一套适用于多种操作系统的反病毒软件。该软件可实时侦测和清除病毒、间谍软件、木马和蠕虫,确保台式机和笔记本电脑的全面网络保护。 Sophos杀毒软件的NtCreateKey函数没有正确地验证参数,本地攻击者可能利用此漏洞导致程序不可用。 相关的代码如下: /----------- int __cdecl NtCreateKeyHook(PHANDLE pKeyHandle, ACCESS_MASK DesiredAccess, POBJECT_ATT
CVSS Information
N/A
Vulnerability Type
N/A