21 matches found
EUVD-2018-15757
Malware in sbrugna...
EUVD-2018-15756
Malware in sbrugna...
CVE-2020-9540
Sophos HitmanPro.Alert before build 861 allows local elevation of privilege...
CVE-2020-9540
Sophos HitmanPro.Alert before build 861 allows local elevation of privilege...
CVE-2020-9540
Sophos HitmanPro.Alert before build 861 allows local elevation of privilege...
Privilege escalation
Sophos HitmanPro.Alert before build 861 allows local elevation of privilege...
CVE-2020-9540
Sophos HitmanPro.Alert before build 861 allows local elevation of privilege...
Talos Vulnerability Deep Dive - TALOS-2018-0636 / CVE-2018-3971 Sophos HitmanPro.Alert vulnerability
Marcin Noga of Cisco Talos discovered this vulnerability. Introduction Sophos patched two vulnerabilities in Sophos HitmanPro.Alert in version 3.7.9.759. We publicly disclosed these issues last week here, Cisco Talos will show you the process of developing an exploit for one of these bugs. We wil...
Sophos HitmanPro.Alert Multiple Vulnerabilities - Windows
Sophos HitmanPro.Alert version 3.7.6.744 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Sophos HitmanPro.Alert x86 Detection (Windows SMB Login)
SMB login-based detection of Sophos HitmanPro.Alert. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-3971
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP...
Design/Logic Flaw
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to...
Design/Logic Flaw
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP...
CVE-2018-3970
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to...
CVE-2018-3970
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to...
CVE-2018-3971
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP...
Vulnerability Spotlight: TALOS-2018-0635/0636 - Sophos HitmanPro.Alert memory disclosure and code execution vulnerabilities
Marcin Noga of Cisco Talos discovered this vulnerability. Overview Cisco Talos is disclosing two vulnerabilities in Sophos HitmanPro.Alert, a malware detection and protection tool. Both vulnerabilities lie in the input/output control IOCTL message handler. One could allow an attacker to read kern...
Sophos HitmanPro.Alert hmpalert 0x222000 kernel memory disclosure vulnerability
Summary An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP...
Sophos HitmanPro.Alert hmpalert 0x2222CC privilege escalation vulnerability
Summary An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can...
PT-2018-16351 · Sophos · Sophos Hitmanpro.Alert
Name of the Vulnerable Software and Affected Versions: Sophos HitmanPro.Alert version 3.7.6.744 Description: An arbitrary write issue exists in the 0x2222CC IOCTL handler functionality. A specially crafted IRP request can cause the driver to write data to an address controlled by an attacker,...