CVE-2006-3787

Name of the Vulnerable Software and Affected Versions Sunbelt Kerio Personal Firewall versions 4.3.x before 4.3.268

Description The issue is related to the kpf4ss.exe component, which fails to properly hook the CreateRemoteThread API function. This allows local users to cause a denial of service, resulting in a crash, and bypass protection mechanisms by calling CreateRemoteThread.

Recommendations For Sunbelt Kerio Personal Firewall versions 4.3.x before 4.3.268, update to version 4.3.268 or later to resolve the issue. As a temporary workaround, consider restricting access to the CreateRemoteThread API function until a patch is applied.