header-logo
Suggest Exploit
vendor:
Sygate Personal Firewall
by:
7.5
CVSS
HIGH
Denial of Service
CWE
Product Name: Sygate Personal Firewall
Affected Version From: Sygate Personal Firewall PRO version 5.5 Build 2525
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE: a:sygate_technologies:personal_firewall:5.5_build_2525
Metasploit:
Other Scripts:
Platforms Tested: Windows

Local Denial of Service Vulnerability in Sygate Personal Firewall

A local denial of service vulnerability is reported to affect the Sygate Personal Firewall. It is reported that the smc.exe service may be crashed using the List-View Control in the Sygate Personal Firewall GUI. This issue may be exploited in conjunction with the issue described in BID 10540, in order to completely disable the affected firewall as an unprivileged user.

Mitigation:

Patch or update to a non-vulnerable version.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10542/info

A local denial of service vulnerability is reported to affect the Sygate Personal Firewall. It is reported that the smc.exe service may be crashed using the List-View Control in the Sygate Personal Firewall GUI.

This issue may be exploited in conjunction with the issue described in BID 10540, in order to completely disable the affected firewall as an unprivileged user. 

This vulnerability is reported to affect Sygate Personal Firewall PRO version 5.5 Build 2525. Other versions might also be affected.

SendMessage(hHdrControl, HDM_GETITEMRECT, 1, (LPARAM)NON-WRITABLE_ADDR);

Navigation

Suggest Exploit

Services By CQR