GCVE - cpe:2.3:a:kerio:personal_firewall:4.0.6:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:kerio:personal_firewall:4.0.6:*:*:*:*:*:*:*

part: a version: 4.0.6 update: *

Vendor	Kerio (`e69b4c59-3ac5-57d1-90ce-3259775b391e`)
Product	Personal Firewall (`307057e6-de9e-57d4-b6bb-d9835432904d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2006-5153`	vulnerable	2026-06-08 04:49:19.779861	Details available The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors. Published: 2006-10-03T23:00:00.000Z Updated: 2024-08-07T19:41:05.577Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/447504/100/0/threaded http://securityreason.com/securityalert/1685 http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php http://secunia.com/advisories/22234 http://www.securityfocus.com/bid/20299	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-1063`	vulnerable	2026-06-08 04:48:25.298558	Details available The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to "compute unexpected conditions" and "perform cryptographic operations." Published: 2005-04-29T04:00:00.000Z Updated: 2024-08-07T21:35:59.857Z Open on db.gcve.eu Reference links http://research.tic.udc.es/scg/advisories/20050429-2.txt http://www.securityfocus.com/archive/1/397220 http://www.kerio.com/security_advisory.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-0964`	vulnerable	2026-06-08 04:48:14.049109	Details available Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions. Published: 2005-04-03T05:00:00.000Z Updated: 2024-08-07T21:35:58.932Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/12946 http://secunia.com/advisories/14717 http://www.kerio.com/security_advisory.html#0503 https://exchange.xforce.ibmcloud.com/vulnerabilities/19893 http://securitytracker.com/id?1013607	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-1907`	not_vulnerable	2026-06-08 04:48:08.017863	Details available The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.13 allows remote attackers to cause a denial of service (crash) by sending hex-encoded URLs containing "%13%12%13". Published: 2005-05-10T04:00:00.000Z Updated: 2024-08-08T01:07:49.078Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/bugtraq/2004-04/0061.html http://marc.info/?l=bugtraq&m=108137421524251&w=2 http://www.securityfocus.com/bid/10075 http://secunia.com/advisories/11331 https://exchange.xforce.ibmcloud.com/vulnerabilities/15821	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-1658`	vulnerable	2026-06-08 04:47:54.728447	Details available Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable. Published: 2005-02-20T05:00:00.000Z Updated: 2024-08-08T01:00:36.880Z Open on db.gcve.eu Reference links http://www.security.org.sg/vuln/kerio4016.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17270 http://www.securityfocus.com/bid/11096 http://secunia.com/advisories/12468/ http://marc.info/?l=bugtraq&m=109420310631039&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-1109`	vulnerable	2026-06-08 04:47:52.969071	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.