>> Microsoft Windows Firewall User Interface Exception Handling Issue
Title : Microsoft Windows Firewall User Interface Exception Handling Issue VUPEN ID : VUPEN/ADV-2005-1595 CVE ID : CVE-2005-2765 CWE ID : CWE-
Rated as : Low Risk
Remotely Exploitable : No Locally Exploitable : Yes Release Date : 2005-08-31
Technical Description
A weakness has been identified in Microsoft Windows, which could be exploited by local users to hide certain information. This flaw is due to an error in the way that the Windows Firewall User Interface handles malformed entries in the Windows Registry, which could be exploited by attackers or worms, when a system has already been compromised, to create Windows Firewall exception entries that will not be displayed in the Windows firewall graphical user interface.
Note : the command line firewall administration tool "Netsh" is not affected by this issue.
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback If you have additional information or corrections for this security advisory please submit them via our contact form.
