NGSEC StackDefender 1.10 allows attackers to cause a denial of service (system crash) via an invalid address for the ObjectAttribues parameter to the hooks for the (1) ZwCreateFile or (2) ZwOpenFile functions.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Stackdefender | Ngsec | 1.10 (including) | 1.10 (including) |