Lucene search

MitreCVE-2008-7211

HistorySep 11, 2009 - 4:30 p.m.

CVE-2008-7211

2009-09-1116:30:00

mitre

web.nvd.nist.gov

cve-2008-7211

ensoniq pci 1371 sound cards

audio driver vulnerability

windows vista

security vulnerability

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

Percentile

0.4%

JSON

CreativeLabs es1371mp.sys 5.1.3612.0 WDM audio driver, as used in Ensoniq PCI 1371 sound cards and when running on Windows Vista, does not create a Functional Device Object (FDO) to prevent user-moade access to the Physical Device Object (PDO), which allows local users to gain SYSTEM privileges via a crafted IRP request that dereferences a NULL FsContext pointer.

Affected configurations

Nvd

Node

soundblasterensoniq_pci_es1371_wdm_driverMatch5.1.3612.0

AND

microsoftwindows_vista

VendorProductVersionCPE
soundblasterensoniq_pci_es1371_wdm_driver5.1.3612.0cpe:2.3:h:soundblaster:ensoniq_pci_es1371_wdm_driver:5.1.3612.0:*:*:*:*:*:*:*
microsoftwindows_vista*cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
soundblaster	ensoniq_pci_es1371_wdm_driver	5.1.3612.0	cpe:2.3:h:soundblaster:ensoniq_pci_es1371_wdm_driver:5.1.3612.0:::::::*
microsoft	windows_vista	*	cpe:2.3:o:microsoft:windows_vista::::::::

References

www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=54

www.securityfocus.com/archive/1/485848/100/200/threaded

www.securityfocus.com/bid/27179

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2008-7211