GCVE - cpe:2.3:a:kerio:personal_firewall:4.1:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:kerio:personal_firewall:4.1:*:*:*:*:*:*:*

part: a version: 4.1 update: *

Vendor	Kerio (`e69b4c59-3ac5-57d1-90ce-3259775b391e`)
Product	Personal Firewall (`307057e6-de9e-57d4-b6bb-d9835432904d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2006-5153`	vulnerable	2026-06-08 04:49:19.786076	Details available The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors. Published: 2006-10-03T23:00:00.000Z Updated: 2024-08-07T19:41:05.577Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/447504/100/0/threaded http://securityreason.com/securityalert/1685 http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php http://secunia.com/advisories/22234 http://www.securityfocus.com/bid/20299	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-1063`	vulnerable	2026-06-08 04:48:25.300184	Details available The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to "compute unexpected conditions" and "perform cryptographic operations." Published: 2005-04-29T04:00:00.000Z Updated: 2024-08-07T21:35:59.857Z Open on db.gcve.eu Reference links http://research.tic.udc.es/scg/advisories/20050429-2.txt http://www.securityfocus.com/archive/1/397220 http://www.kerio.com/security_advisory.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-0964`	vulnerable	2026-06-08 04:48:14.050895	Details available Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions. Published: 2005-04-03T05:00:00.000Z Updated: 2024-08-07T21:35:58.932Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/12946 http://secunia.com/advisories/14717 http://www.kerio.com/security_advisory.html#0503 https://exchange.xforce.ibmcloud.com/vulnerabilities/19893 http://securitytracker.com/id?1013607	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-1109`	vulnerable	2026-06-08 04:47:52.972581	Details available The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field. Published: 2004-12-01T05:00:00.000Z Updated: 2024-08-08T00:39:00.881Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/17992 http://www.kerio.com/security_advisory.html http://www.securityfocus.com/bid/11639 http://www.eeye.com/html/research/advisories/AD20041109.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.