CVE-2004-1748

Name of the Vulnerable Software and Affected Versions NtRegmon versions prior to 6.12

Description The issue allows local users to cause a denial of service, resulting in a system crash, by providing invalid pointers to hook functions such as ZwSetQueryValue while NtRegmon is running. This is due to NtRegmon's failure to properly check argument pointers supplied to the ZwSetQueryValue kernel hook, leading to a loss of availability for the Windows machine.

Recommendations For versions prior to 6.12, update to version 6.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the ZwSetQueryValue kernel hook to minimize the risk of exploitation.