CVE-2009-2918

Published: Aug 21, 2009Modified: Apr 23, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The tgbvpn.sys driver in TheGreenBow IPSec VPN Client 4.61.003 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted request to the 0x80000034 IOCTL, probably involving an input or output buffer size of 0.

Affected (1)

Products: Thegreenbow: Thegreenbow Vpn Client

1 product

Thegreenbow Vpn Client

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Thegreenbow Thegreenbow Vpn Client	Version 4.61.003

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

http://secunia.com/advisories/36332

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/505816/100/0/threaded

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/2294

Source: cve@mitre.org

Vendor Advisory

https://www.evilfingers.com/advisory/Advisory/TheGreenBow_VPN_Client_tgbvpn.sys_DoS.php

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/36332

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/archive/1/505816/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/2294

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.evilfingers.com/advisory/Advisory/TheGreenBow_VPN_Client_tgbvpn.sys_DoS.php

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

Timeline

No history available yet.