cpe:/a:sophos:anti-virus:7.0.5 CVE-2008-1737 2008-04-29T20:10:00.000-04:00 2017-08-07T21:30:24.760-04:00 6.9 LOCAL MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-04-30T16:07:00.000-04:00 ALLOWS_ADMIN_ACCESS SECTRACK 1019945 BUGTRAQ 20080428 CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls BID 28743 SECUNIA 29996 SREASON 3838 VUPEN ADV-2008-1381 MISC http://www.coresecurity.com/?action=item&id=2249 CONFIRM http://www.sophos.com/support/knowledgebase/article/37810.html XF sophos-ssdt-dos(42083) Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function.