Lucene search

K
cve[email protected]CVE-2005-2986
HistorySep 20, 2005 - 12:03 a.m.

CVE-2005-2986

2005-09-2000:03:00
web.nvd.nist.gov
25
cve-2005-2986
v3flt2k.sys
ahnlab v3pro
deviceiocontrol
remote attackers
privilege escalation
nvd

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.3%

The v3flt2k.sys driver in AhnLab V3Pro 2004 Build 6.0.0.383, V3 VirusBlock 2005 Build 6.0.0.383, V3Net for Windows Server 6.0 Build 6.0.0.383 does not properly validate the source of the DeviceIoControl commands, which allows remote attackers to gain privileges.

Affected configurations

NVD
Node
ahnlabv3_virusblock_2005Match6.0.0.383
OR
ahnlabv3netMatch6.0.0.383win_server
OR
ahnlabv3pro_2004Match6.0.0.383

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.3%

Related for CVE-2005-2986