Lucene search

[email protected]CVE-2010-2308

HistoryJun 16, 2010 - 8:30 p.m.

CVE-2010-2308

2010-06-1620:30:02

[email protected]

web.nvd.nist.gov

cve-2010-2308

vulnerability

filter driver

sophos anti-virus

privilege escalation

ntqueryattributesfile

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

23.8%

JSON

Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function.

Affected configurations

NVD

Node

sophosanti-virusRange≤7.6.19

sophosanti-virusMatch3.4.6

sophosanti-virusMatch3.78

sophosanti-virusMatch3.78d

sophosanti-virusMatch3.79

sophosanti-virusMatch3.80

sophosanti-virusMatch3.81

sophosanti-virusMatch3.82

sophosanti-virusMatch3.83

sophosanti-virusMatch3.84

sophosanti-virusMatch3.85

sophosanti-virusMatch3.86

sophosanti-virusMatch3.90

sophosanti-virusMatch3.91

sophosanti-virusMatch3.95

sophosanti-virusMatch3.96.0

sophosanti-virusMatch4.03

sophosanti-virusMatch4.04

sophosanti-virusMatch4.05

sophosanti-virusMatch4.5.3

sophosanti-virusMatch4.5.4

sophosanti-virusMatch4.5.11

sophosanti-virusMatch4.5.12

sophosanti-virusMatch4.7.1

sophosanti-virusMatch4.7.2

sophosanti-virusMatch4.33.0

sophosanti-virusMatch5.0.1

sophosanti-virusMatch5.0.2

sophosanti-virusMatch5.0.4

sophosanti-virusMatch5.0.9

sophosanti-virusMatch5.1

sophosanti-virusMatch5.2

sophosanti-virusMatch5.2.1

sophosanti-virusMatch6.0.4

sophosanti-virusMatch6.5

sophosanti-virusMatch7.0

sophosanti-virusMatch7.0.5

sophosanti-virusMatch7.6

sophosanti-virusMatch7.6.14

sophosanti-virusMatch7.6.15

sophosanti-virusMatch7.6.16

sophosanti-virusMatch7.6.17

sophosanti-virusMatch7.6.18

CPENameOperatorVersion
sophos:anti-virussophos anti-virusle7.6.19
sophos:anti-virussophos anti-viruseq3.4.6
sophos:anti-virussophos anti-viruseq3.78
sophos:anti-virussophos anti-viruseq3.78d
sophos:anti-virussophos anti-viruseq3.79
sophos:anti-virussophos anti-viruseq3.80
sophos:anti-virussophos anti-viruseq3.81
sophos:anti-virussophos anti-viruseq3.82
sophos:anti-virussophos anti-viruseq3.83
sophos:anti-virussophos anti-viruseq3.84

CPE	Name	Operator	Version
sophos:anti-virus	sophos anti-virus	le	7.6.19
sophos:anti-virus	sophos anti-virus	eq	3.4.6
sophos:anti-virus	sophos anti-virus	eq	3.78
sophos:anti-virus	sophos anti-virus	eq	3.78d
sophos:anti-virus	sophos anti-virus	eq	3.79
sophos:anti-virus	sophos anti-virus	eq	3.80
sophos:anti-virus	sophos anti-virus	eq	3.81
sophos:anti-virus	sophos anti-virus	eq	3.82
sophos:anti-virus	sophos anti-virus	eq	3.83
sophos:anti-virus	sophos anti-virus	eq	3.84

Rows per page:

1-10 of 431

References

dvlabs.tippingpoint.com/advisory/TPTI-10-03

secunia.com/advisories/40085

www.securityfocus.com/archive/1/511773/100/0/threaded

www.securitytracker.com/id?1024089

www.sophos.com/support/knowledgebase/article/111126.html

www.vupen.com/english/advisories/2010/1412

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

23.8%

JSON

Related for CVE-2010-2308

nessus1 prion1 nvd1 cvelist1