Lucene search

[email protected]CVE-2014-8608

HistoryDec 12, 2014 - 3:59 p.m.

CVE-2014-8608

2014-12-1215:59:12

[email protected]

web.nvd.nist.gov

cve-2014-8608

k7sentry.sys

k7av sentry device driver

denial of service

null pointer dereference

security vulnerability

nvd

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.0%

JSON

The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to cause a denial of service (NULL pointer dereference) as demonstrated by a filename containing “crashme$$”.

Affected configurations

NVD

Node

k7computingk7av_sentry_device_driverRange≤12.8.0.118

CPENameOperatorVersion
k7computing:k7av_sentry_device_driverk7computing k7av sentry device driverle12.8.0.118

CPE	Name	Operator	Version
k7computing:k7av_sentry_device_driver	k7computing k7av sentry device driver	le	12.8.0.118

References

packetstormsecurity.com/files/129470/K7-Computing-Multiple-Products-Null-Pointer-Dereference.html

seclists.org/fulldisclosure/2014/Dec/45

www.securityfocus.com/bid/71615

www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8608/

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.0%

JSON

Related for CVE-2014-8608

prion1 nvd1 cvelist1