8 matches found
CVE-2020-13509
An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP Using the IRP 0x9c4060cc gives a low privilege user direct access to the IN instruction that is completely unrestrained at ...
CVE-2020-13522
An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet IRP can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability...
CVE-2008-7211
CreativeLabs es1371mp.sys 5.1.3612.0 WDM audio driver, as used in Ensoniq PCI 1371 sound cards and when running on Windows Vista, does not create a Functional Device Object FDO to prevent user-moade access to the Physical Device Object PDO, which allows local users to gain SYSTEM privileges via a...
Cross site request forgery (csrf)
The TrendMicro Activity Monitor Module tmactmon.sys 2.52.0.1002 in Trend Micro Internet Pro 2008 and 2009, and Security Pro 2008 and 2009, allows local users to gain privileges via a crafted IRP in a METHODNEITHER IOCTL request to \Device\tmactmon that overwrites memory...
CVE-2009-0686
The TrendMicro Activity Monitor Module tmactmon.sys 2.52.0.1002 in Trend Micro Internet Pro 2008 and 2009, and Security Pro 2008 and 2009, allows local users to gain privileges via a crafted IRP in a METHODNEITHER IOCTL request to \Device\tmactmon that overwrites memory...
CVE-2008-5724
The Personal Firewall driver aka epfw.sys 3.0.672.0 and earlier in ESET Smart Security 3.0.672 and earlier allows local users to gain privileges via a crafted IRP in a certain METHODNEITHER IOCTL request to \Device\Epfw that overwrites portions of memory...
Memory corruption
vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet Irp in a METHODNEITHER 1 IOCTL 0x8400000F or 2 IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations...
Memory corruption
Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via ...