Lucene search
+L

146 matches found

prion
prion
added 2008/06/16 8:41 p.m.24 views

Integer overflow

Integer signedness error in the ipsetsrcfilter function in the IP Multicast Filter in uts/common/inet/ip/ipmulti.c in the kernel in Sun Solaris 10 and OpenSolaris before snv92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large val...

7.2CVSS7.5AI score0.0059EPSS
Exploits1References8Affected Software2
prion
prion
added 2008/04/25 6:5 a.m.18 views

Server side request forgery (ssrf)

Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allow local users to create, write, and read registry keys via a crafted IOCTL request...

6.8CVSS6.7AI score0.00427EPSS
Exploits1References6Affected Software1
nvd
nvd
added 2008/04/25 6:5 a.m.19 views

CVE-2008-1932

Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allows local users to execute arbitrary code via a crafted IOCTL request...

6.8CVSS7.4AI score0.00524EPSS
Exploits1References6
nvd
nvd
added 2008/04/25 6:5 a.m.18 views

CVE-2008-1931

Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allow local users to create, write, and read registry keys via a crafted IOCTL request...

6.8CVSS6.2AI score0.00427EPSS
Exploits1References6
prion
prion
added 2008/04/25 6:5 a.m.13 views

Integer overflow

Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allows local users to execute arbitrary code via a crafted IOCTL request...

6.8CVSS8AI score0.00524EPSS
Exploits1References6Affected Software1
cve
cve
added 2008/04/24 6:0 p.m.54 views

CVE-2008-1931

The CVE-2008-1931 issue affects Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys on Windows Vista. A crafted IOCTL request lets a local user create, write, and read registry keys, indicating a local privilege escalation vulnerability. The root cause is improper handling of IOCTLs by t...

6.8CVSS6.2AI score0.00427EPSS
Exploits1References6Affected Software1
cve
cve
added 2008/04/24 6:0 p.m.57 views

CVE-2008-1932

CVE-2008-1932 affects Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys on Windows Vista. The root cause is an integer overflow triggered by a crafted IOCTL request, enabling a local user to execute arbitrary code . The vulnerability is described as a local privilege escalation in mult...

6.8CVSS7.4AI score0.00524EPSS
Exploits1References6Affected Software1
cvelist
cvelist
added 2008/04/24 6:0 p.m.22 views

CVE-2008-1931

Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allow local users to create, write, and read registry keys via a crafted IOCTL request...

6.2AI score0.00427EPSS
Exploits1References6
cvelist
cvelist
added 2008/04/24 6:0 p.m.18 views

CVE-2008-1932

Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allows local users to execute arbitrary code via a crafted IOCTL request...

7.4AI score0.00524EPSS
Exploits1References6
cve
cve
added 2008/03/24 10:0 p.m.33 views

CVE-2008-1471

The CVE-2008-1471 issue affects Panda Security products using the cpoint.sys kernel driver (Panda Internet Security 2008 and Antivirus+ Firewall 2008). A crafted IOCTL request can trigger an out-of-bounds write in kernel memory, enabling a local attacker to cause a denial of service (system crash...

7.2CVSS7.3AI score0.01125EPSS
Exploits1References9Affected Software2
exploitpack
exploitpack
added 2008/03/05 12:0 a.m.15 views

SafeGuard PrivateDisk 2.02.3 - privatediskm.sys Multiple Local Security Bypass Vulnerabilities

SafeGuard PrivateDisk 2.02.3 - privatediskm.sys Multiple Local Security Bypass Vulnerabilities // source: https://www.securityfocus.com/bid/45749/info SafeGuard PrivateDisk is prone to multiple local security-bypass vulnerabilities. Attackers with physical access to a computer with the affected...

Exploits0
prion
prion
added 2008/02/05 2:0 a.m.12 views

Design/Logic Flaw

IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRVIOCTL IOCTL request...

7.2CVSS7.1AI score0.00837EPSS
Exploits1References5Affected Software3
nvd
nvd
added 2007/11/15 1:46 a.m.24 views

CVE-2007-4686

Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service system shutdown or gain privileges via a crafted TIOCSETD ioctl request...

7.2CVSS5.9AI score0.00373EPSS
Exploits1References10
prion
prion
added 2007/11/15 1:46 a.m.26 views

Stack overflow

Stack-based buffer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted IOCTL request that adds an AppleTalk zone to a routing table...

7.2CVSS7.5AI score0.00486EPSS
Exploits1References9Affected Software1
nvd
nvd
added 2007/11/15 1:46 a.m.24 views

CVE-2007-4267

Stack-based buffer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted IOCTL request that adds an AppleTalk zone to a routing table...

7.2CVSS7.2AI score0.00486EPSS
Exploits1References9
cvelist
cvelist
added 2007/11/15 1:0 a.m.31 views

CVE-2007-4267

Stack-based buffer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted IOCTL request that adds an AppleTalk zone to a routing table...

7.5AI score0.00486EPSS
Exploits1References9
cve
cve
added 2007/11/15 1:0 a.m.53 views

CVE-2007-4267

Apple Mac OS X 10.4–10.4.10 (and Mac OS X Server 10.4–10.4.10) contain a stack-based kernel overflow in the AppleTalk networking path. The vulnerability arises when an IOCTL adds an AppleTalk zone to a routing table, allowing a local attacker to cause arbitrary code execution with kernel privileg...

7.2CVSS7.5AI score0.00486EPSS
Exploits1References9Affected Software1
seebug
seebug
added 2007/11/14 12:0 a.m.44 views

WinPcap NPF.SYS bpf_filter_init函数本地权限提升漏洞

BUGTRAQ ID: 26409 CVECAN ID: CVE-2007-5756 WinPcap是WIN32平台上的网络分析和捕获数据包的链接库。 WinPcap的NPF.SYS设备驱动中的bpffilterinit函数存在无效的数组索引漏洞,这个函数的几处调用未经正确的边界检查便将用户所提供的输入值用作了数组索引。如果用特定的值执行了IOCTL请求,攻击者就可以破坏内核中的栈或池内存,导致执行任意指令。 通常在管理员使用WinPcap相关应用程序时会加载设备驱动,加载后正常用户都可以访问,使用这个驱动的程序退出后也不会卸载这个驱动,因此在手动卸载之前仍可利用。 WinPcap...

6.9CVSS6.4AI score0.00586EPSS
Exploits1
kaspersky
kaspersky
added 2007/11/13 12:0 a.m.32 views

KLA10395 LPE vulnerability in WinPcap

Array index errors were found in WinPcap. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via a specially designed IOCTL request. Original advisories WinPcap changelog Related products WinPcap CVE list CVE-2007-5756 high Solution...

6.9CVSS6.7AI score0.00586EPSS
Exploits1References3
prion
prion
added 2007/08/21 5:17 p.m.15 views

Memory corruption

vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet Irp in a METHODNEITHER 1 IOCTL 0x8400000F or 2 IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations...

7.2CVSS7.1AI score0.00367EPSS
Exploits1References9Affected Software1
Rows per page
Query Builder