Lucene search

[email protected]CVE-2008-5049

HistoryNov 13, 2008 - 2:30 a.m.

CVE-2008-5049

2008-11-1302:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-5049

buffer overflow

akeprotect.sys

isecsoft anti-keylogger elite

privilege escalation

local users

nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Buffer overflow in AKEProtect.sys 3.3.3.0 in ISecSoft Anti-Keylogger Elite 3.3.0 and earlier, and possibly other versions including 3.3.3, allows local users to gain privileges via long inputs to the (1) 0x002224A4, (2) 0x002224C0, and (3) 0x002224CC IOCTL.

Affected configurations

NVD

Node

isecsoftanti-keylogger_eliteRange≤3.3.0

CPENameOperatorVersion
isecsoft:anti-keylogger_eliteisecsoft anti-keylogger elitele3.3.0

CPE	Name	Operator	Version
isecsoft:anti-keylogger_elite	isecsoft anti-keylogger elite	le	3.3.0

References

secunia.com/advisories/32634

securityreason.com/securityalert/4582

www.ntinternals.org/ntiadv0802/ntiadv0802.html

www.securityfocus.com/bid/32202

exchange.xforce.ibmcloud.com/vulnerabilities/46465

www.exploit-db.com/exploits/7054

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2008-5049

nvd1 cvelist1 prion1