CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

Prion•added 2009/01/28 3:30 p.m.•10 views

Design/Logic Flaw

The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service system crash or gain privileges via a crafted IOCTL request, as demonstrated by executi...

7.2CVSS7AI score0.00057EPSS

Exploits1References5

CVE•added 2009/01/28 3:0 p.m.•39 views

CVE-2008-6000

The CVE-2008-6000 entry concerns the GDTdiIcpt.sys driver used by G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008. A crafted IOCTL input to IOCTL 0x8317001c causes the driver to populate kernel registers in a way that can trigger a denial of service (system crash) or allow privil...

7.2CVSS6.7AI score0.00057EPSS

Exploits1References5Affected Software3

seebug.org•added 2008/09/22 12:0 a.m.•16 views

G DATA产品GDTdiIcpt.sys驱动内存破坏漏洞

BUGTRAQ ID: 31246 G DATA是德国的一家杀毒软件厂商。 G DATA产品所使用的GDTdiIcpt.sys内核驱动在处理IOCTL请求时存在错误，本地攻击者可以利用这个漏洞导致拒绝服务或执行任意内核级代码。 GDTdiIcpt.sys驱动未经验证便接受了用户提供的IOCTL 0x8317001c调用，这样就可以用任意值填充不同的内核寄存器。之后这些寄存器值被用作了内核函数的参数，因此特制参数可能完全控制Windows内核的执行流。以下是GDTdiIcpt.sys的反汇编（Windows Vista 32位版）： ... .text:00012510 cmp...

6.9AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by