CVE-2005-3197

Name of the Vulnerable Software and Affected Versions Webroot Desktop Firewall versions prior to 1.3.0build52

Description A stack-based buffer overflow issue exists, allowing local users to execute arbitrary code as SYSTEM. This can be achieved by sending a crafted DeviceIoControl command and then removing an allowed program from the firewall list.

Recommendations For versions prior to 1.3.0build52, update to version 1.3.0build52 or later to resolve the issue. As a temporary workaround, consider restricting access to the DeviceIoControl command to minimize the risk of exploitation.