Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 06/11/2017 Updated: 29/11/2017

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 4.4 | Impact Score: 3.6 | Exploitability Score: 0.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when resetting the network data via the software client, with a running VPN connection, a critical error occurs which leads to a "FrmAdvancedProtection" crash. Although the mechanism malfunctions and an error occurs during the runtime with the stack trace being issued, the software process is not properly terminated. The software client is still attempting to maintain the connection even though the network connection information is being reset live. In that insecure mode, the "FrmAdvancedProtection" component crashes, but the process continues to run with different errors and process corruptions. This local corruption vulnerability can be exploited by local attackers.

Vulnerable Product	Search on Vulmon	Subscribe to Product
perfect-privacy vpn manager 1.10.11
perfect-privacy vpn manager 1.10.10

CWE-20 https://www.vulnerability-lab.com/get_content.php?id=2102 https://board.perfect-privacy.com/threads/reporting-a-security-bug-in-vpn-software-client-for-windows.2223/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-16637

Vulnerability Summary

References

Vulmon Search

About

Products

Connect