147 matches found
Race condition
Race condition in G DATA TotalCare 2010 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler...
CVE-2010-5162
Race condition in G DATA TotalCare 2010 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler...
CVE-2010-5162
CVE-2010-5162 describes a race condition in G DATA TotalCare 2010 for Windows XP that allows local users to bypass kernel-mode hook handlers via certain user-space memory changes during hook-handler execution (an argument-switch or KHOBE attack). Affected software is G DATA TotalCare 2010; the ro...
PT-2012-1374 · G Data · G Data Totalcare
Name of the Vulnerable Software and Affected Versions: G DATA TotalCare version 2010 Description: A race condition in G DATA TotalCare 2010 on Windows XP allows local users to bypass kernel-mode hook handlers and execute dangerous code that would otherwise be blocked by a handler but not blocked ...
CVE-2012-1443
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal aka Cat QuickHeal 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0....
G Data TotalCare 2011 - Local Kernel
G Data TotalCare 2011 - Local Kernel / Exploit Title: G Data TotalCare 2011 0day Local Kernel Exploit Date: 2010-11-08 Author: Nikita Tarakanov CISS Research Team Software Link: http://www.gdata.de/ Version: up to date, version 21.1.0.5, MiniIcpt.sys version 1.0.8.9 Tested on: Win XP SP3 CVE :...
G Data TotalCare 2011 Local Kernel Exploit
/ Exploit Title: G Data TotalCare 2011 0day Local Kernel Exploit Date: 2010-11-08 Author: Nikita Tarakanov CISS Research Team Software Link: http://www.gdata.de/ Version: up to date, version 21.1.0.5, MiniIcpt.sys version 1.0.8.9 Tested on: Win XP SP3 CVE : CVE-NO-MATCH Status : Unpatched / inclu...
G Data TotalCare 2011 - Local Kernel
/ Exploit Title: G Data TotalCare 2011 0day Local Kernel Exploit Date: 2010-11-08 Author: Nikita Tarakanov CISS Research Team Software Link: http://www.gdata.de/ Version: up to date, version 21.1.0.5, MiniIcpt.sys version 1.0.8.9 Tested on: Win XP SP3 CVE : CVE-NO-MATCH Status : Unpatched / inclu...
G Data TotalCare 2011 - NtOpenKey Race Condition
G Data TotalCare 2011 - NtOpenKey Race Condition 1.Description: The HookCentre.sys kernel driver distributed with G Data TotalCare 2011 contains a race condition vulnerability in the handling arguments of NtOpenkey function. Exploitation of this issue allows an attacker to crash systemmake infamo...
G Data TotalCare 2011 - 'NtOpenKey' Race Condition
1.Description: The HookCentre.sys kernel driver distributed with G Data TotalCare 2011 contains a race condition vulnerability in the handling arguments of NtOpenkey function. Exploitation of this issue allows an attacker to crash systemmake infamous BSoD or gain escalated priviligies. An attacke...
Число новых компьютерных вирусов в 2010 году приближается к 2 миллионам
12:30 17.09.2010 По данным Nielsen Online, 51 % европейцев пользуются социальными сетями, такими как Facebook или Xing. Популярность социальных сетей привлекает кибер-преступников, которые используют их с целью нападения на пользователей. Преступники создают компьютерные вирусы для получения...
49% женщин вообще не используют антивирусные программы
Согласно данным социологического исследования, проведённого компанией G Data Software среди женщин в возрасте до 30 лет, 74% из 500 опрошенных представительниц прекрасного пола не уделяют достаточного внимания обеспечению антивирусной защиты своего ПК. Исследование показало, что только 23%...
Design/Logic Flaw
The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service system crash or gain privileges via a crafted IOCTL request, as demonstrated by executi...
CVE-2008-6000
The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service system crash or gain privileges via a crafted IOCTL request, as demonstrated by executi...
CVE-2008-6000
The CVE-2008-6000 entry concerns the GDTdiIcpt.sys driver used by G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008. A crafted IOCTL input to IOCTL 0x8317001c causes the driver to populate kernel registers in a way that can trigger a denial of service (system crash) or allow privil...
CVE-2008-6000
The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service system crash or gain privileges via a crafted IOCTL request, as demonstrated by executi...
G DATA产品GDTdiIcpt.sys驱动内存破坏漏洞
BUGTRAQ ID: 31246 G DATA是德国的一家杀毒软件厂商。 G DATA产品所使用的GDTdiIcpt.sys内核驱动在处理IOCTL请求时存在错误,本地攻击者可以利用这个漏洞导致拒绝服务或执行任意内核级代码。 GDTdiIcpt.sys驱动未经验证便接受了用户提供的IOCTL 0x8317001c调用,这样就可以用任意值填充不同的内核寄存器。之后这些寄存器值被用作了内核函数的参数,因此特制参数可能完全控制Windows内核的执行流。 以下是GDTdiIcpt.sys的反汇编(Windows Vista 32位版): ... .text:00012510 cmp...
CVE-2007-5436
Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL in G DATA Antivirus 2007 might allow remote attackers to execute arbitrary code via unspecified parameters to the SelectPath function. NOTE: this issue might not cross privilege boundaries in most environments, since it is not...
Buffer overflow
Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL in G DATA Antivirus 2007 might allow remote attackers to execute arbitrary code via unspecified parameters to the SelectPath function. NOTE: this issue might not cross privilege boundaries in most environments, since it is not...
CVE-2007-5436
The CVE-2007-5436 entry concerns G DATA Antivirus 2007. A buffer overflow in the ActiveX control ScanObjectBrowser.DLL, specifically in the SelectPath function, could allow remote code execution via unspecified parameters. The issue is described as not crossing privilege boundaries in many enviro...