FKIE_CVE-2014-4974

Vulnerability from fkie_nvd - Published: 2014-11-04 16:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory via crafted IOCTL calls.
References
cve@mitre.orghttp://packetstormsecurity.com/files/128874/ESET-7.0-Kernel-Memory-Leak.html
cve@mitre.orghttp://seclists.org/fulldisclosure/2014/Oct/118
cve@mitre.orghttp://www.securityfocus.com/bid/70770
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/98312
cve@mitre.orghttps://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4974/
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/128874/ESET-7.0-Kernel-Memory-Leak.html
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2014/Oct/118
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/70770
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/98312
af854a3a-2127-422b-91ae-364da2661108https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4974/
Impacted products
Vendor Product Version
eset personal_firewall_ndis_filter *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:eset:personal_firewall_ndis_filter:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A967F15F-3EFC-46F7-AE31-AF77E44F36BE",
              "versionEndIncluding": "1183_\\(20140214\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory via crafted IOCTL calls."
    },
    {
      "lang": "es",
      "value": "El controlador del modo de kernel del filtro ESET Personal Firewall NDIS (EpFwNdis.sys), tambi\u00e9n conocido como el m\u00f3dulo Personal Firewall anterior a Build 1212 (20140609), utilizado en m\u00faltiples productos ESET 5.0 hasta 7.0, permite a usuarios locales obtener informaci\u00f3n sensible de la memoria del kernel a trav\u00e9s de llamadas IOCTL manipuladas."
    }
  ],
  "id": "CVE-2014-4974",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-11-04T16:55:06.450",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://packetstormsecurity.com/files/128874/ESET-7.0-Kernel-Memory-Leak.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/118"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/70770"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98312"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4974/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://packetstormsecurity.com/files/128874/ESET-7.0-Kernel-Memory-Leak.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2014/Oct/118"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/70770"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4974/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.