3 matches found
CVE-2018-3971
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP...
CVE-2018-3971
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP...
CVE-2018-3971
CVE-2018-3971 is a privilege-escalation flaw in Sophos HitmanPro.Alert (hmpalert.sys) 3.7.6.744, exploitable via IOCTL 0x2222CC. The vulnerability enables an attacker to perform an arbitrary write by supplying srcAddress, dstAddress, and srcSize; a write-what-where effect can copy data from the a...