CVE-2014-3752

2018-02-0117:00:00

mitre

www.cve.org

AI Score

6.7

Confidence

High

EPSS

Percentile

5.1%

JSON

The MiniIcpt.sys driver in G Data TotalProtection 2014 24.0.2.1 and earlier allows local users with administrator rights to execute arbitrary code with SYSTEM privileges via a crafted 0x83170180 call.

References

packetstormsecurity.com/files/127227/G-Data-TotalProtection-2014-Code-Execution.html

seclists.org/fulldisclosure/2014/Jun/125

www.securityfocus.com/archive/1/532559/100/0/threaded

www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-3752/