CVE-2006-7160

Name of the Vulnerable Software and Affected Versions Outpost Firewall PRO versions 4.0 and earlier

Description The issue concerns the Sandbox.sys driver, which fails to validate arguments to hooked SSDT functions. This allows local users to cause a denial of service by providing invalid arguments to various functions, including NtAssignProcessToJobObject, NtCreateKey, NtCreateThread, NtDeleteFile, NtLoadDriver, NtOpenProcess, NtProtectVirtualMemory, NtReplaceKey, NtTerminateProcess, NtTerminateThread, NtUnloadDriver, and NtWriteVirtualMemory.

Recommendations For Outpost Firewall PRO version 4.0 and earlier, consider updating to a newer version that addresses this issue, if available. As a temporary workaround, restricting access to the hooked SSDT functions may help minimize the risk of exploitation. However, the exact steps for this restriction are not specified. At the moment, there is no information about a newer version that contains a fix for this vulnerability.