Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Agnitum Subscribe
Filtered by product Outpost Firewall
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-3697 3 Agnitum, Lavasoft, Novell 3 Outpost Firewall, Lavasoft Personal Firewall, Client Firewall 2018-10-18 7.2 HIGH N/A
Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the "open folder" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the "Save Configuration As" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall.
CVE-2006-5721 1 Agnitum 1 Outpost Firewall 2018-10-17 4.9 MEDIUM N/A
The \Device\SandBox driver in Outpost Firewall PRO 4.0 (964.582.059) allows local users to cause a denial of service (system crash) via an invalid argument to the DeviceIoControl function that triggers an invalid memory operation.
CVE-2007-3086 1 Agnitum 1 Outpost Firewall 2018-10-16 4.9 MEDIUM N/A
Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex.
CVE-2007-0333 1 Agnitum 1 Outpost Firewall 2018-10-16 7.2 HIGH N/A
Agnitum Outpost Firewall PRO 4.0 allows local users to bypass access restrictions and insert Trojan horse drivers into the product's installation directory by creating links using FileLinkInformation requests with the ZwSetInformationFile function, as demonstrated by modifying SandBox.sys.
CVE-2006-7160 1 Agnitum 1 Outpost Firewall 2018-10-16 4.9 MEDIUM N/A
The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions.
CVE-2007-5042 1 Agnitum 1 Outpost Firewall 2018-10-15 4.6 MEDIUM N/A
Outpost Firewall Pro 4.0.1025.7828 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreateKey, (2) NtDeleteFile, (3) NtLoadDriver, (4) NtOpenProcess, (5) NtOpenSection, (6) NtOpenThread, and (7) NtUnloadDriver kernel SSDT hooks, a partial regression of CVE-2006-7160.
CVE-2006-3696 1 Agnitum 1 Outpost Firewall 2017-07-19 2.1 LOW N/A
filtnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe.
CVE-2004-2472 1 Agnitum 1 Outpost Firewall 2017-07-10 5.0 MEDIUM N/A
Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro.