Lucene search

[email protected]CVE-2007-5634

HistoryOct 23, 2007 - 5:46 p.m.

CVE-2007-5634

2007-10-2317:46:00

CWE-119

[email protected]

web.nvd.nist.gov

speedfan.sys

buffer overflow

speedfan 4.33

windows vista x64

cve-2007-5634

privilege escalation

denial of service

nvd

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Speedfan.sys in Alfredo Milani Comparetti SpeedFan 4.33, when used on Microsoft Windows Vista x64, does not properly check a buffer during an IOCTL 0x9c402420 call, which allows local users to cause a denial of service (machine crash) and possibly gain privileges via unspecified vectors.

Affected configurations

NVD

Node

microsoftwindows_vistax64

AND

almicospeedfanMatch4.33

CPENameOperatorVersion
almico:speedfanalmico speedfaneq4.33

CPE	Name	Operator	Version
almico:speedfan	almico speedfan	eq	4.33

References

secunia.com/advisories/27312

www.bugtrack.almico.com/view.php?id=987

exchange.xforce.ibmcloud.com/vulnerabilities/37299

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-5634

prion1 cvelist1 nvd1