CVE-2007-1194

Published: Mar 2, 2007Modified: Apr 23, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT) entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows attackers to produce malware that is more difficult to analyze.

Affected (1)

Products: Norman: Norman Sandbox Analyzer

1 product

Norman Sandbox Analyzer

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Norman Norman Sandbox Analyzer	All versions

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (10)

http://osvdb.org/34955

Source: cve@mitre.org

http://www.ntsecurity.nu/onmymind/2007/2007-02-27.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/461555/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/461804/100/100/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/461805/100/100/threaded

Source: cve@mitre.org

http://osvdb.org/34955

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ntsecurity.nu/onmymind/2007/2007-02-27.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/461555/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/461804/100/100/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/461805/100/100/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.