CVE-2007-5040

Name of the Vulnerable Software and Affected Versions Ghost Security Suite alpha version 1.200

Description The issue is related to improper validation of certain parameters to System Service Descriptor Table (SSDT) function handlers. This can be exploited by local users to cause a denial of service (crash) and possibly gain privileges. The affected kernel SSDT hooks include NtCreateKey, NtCreateThread, NtDeleteValueKey, NtQueryValueKey, NtSetSystemInformation, and NtSetValueKey.

Recommendations For Ghost Security Suite alpha version 1.200, ensure proper validation of parameters to SSDT function handlers to prevent exploitation. As a temporary workaround, consider restricting access to the affected SSDT hooks until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.