Lucene search
K

146 matches found

NVD
NVD
added 2009/08/28 3:30 p.m.25 views

CVE-2008-7107

easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to cause a denial of service crash via a crafted IOCTL 0x222003 request to the \.\easdrv device interface...

7.2CVSS6.1AI score0.00833EPSS
Exploits1References3
Prion
Prion
added 2009/08/13 4:30 p.m.18 views

Design/Logic Flaw

Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer...

7.2CVSS7.6AI score0.00654EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2009/08/13 4:0 p.m.22 views

CVE-2008-6962

Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer...

7.1AI score0.00654EPSS
Exploits0References4
CVE
CVE
added 2009/08/13 4:0 p.m.45 views

CVE-2008-6962

CVE-2008-6962 affects Avira AntiVir products (Premium/ Premium Security Suite/ Professional/ Personal - FREE). The issue stems from a crafted IOCTL request that overwrites a kernel pointer, enabling local code execution. NVD lists CVSSv2 base score 7.2 (HIGH) with LOCAL attack, low complexity, no...

7.2CVSS7.3AI score0.00654EPSS
Exploits0References4Affected Software4
NVD
NVD
added 2009/07/30 7:30 p.m.28 views

CVE-2009-2649

The IATA ata driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service kernel panic via a certain IOCTL request with a large count, which triggers a malloc call with a large value...

4.7CVSS6.1AI score0.00784EPSS
Exploits1References3
Prion
Prion
added 2009/07/30 7:30 p.m.18 views

Cross site request forgery (csrf)

The IATA ata driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service kernel panic via a certain IOCTL request with a large count, which triggers a malloc call with a large value...

4.7CVSS6.5AI score0.00784EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2009/01/28 3:30 p.m.17 views

Design/Logic Flaw

The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service system crash or gain privileges via a crafted IOCTL request, as demonstrated by executi...

7.2CVSS7AI score0.00578EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2009/01/02 12:0 a.m.30 views

NOD32 3.0/ESET Smart Security < 3.0.684 Local Privilege Escalation

NOD32 3.0/ESET Smart Security is installed on the remote host. The installed version is older than 3.0.684. Such versions are reportedly affected by a local privilege escalation issue. By sending a specially crafted request to an IOCTL request handler in 'epfw.sys', a local user may be able to...

7.2CVSS6.1AI score0.00805EPSS
Exploits0References3
Prion
Prion
added 2008/12/26 5:30 p.m.17 views

Design/Logic Flaw

The PGPwded device driver aka PGPwded.sys in PGP Corporation PGP Desktop 9.0.6 build 6060 and 9.9.0 build 397 allows local users to cause a denial of service system crash and possibly gain privileges via a certain METHODBUFFERED IOCTL request that overwrites portions of memory, related to a "Driv...

4.9CVSS7AI score0.00896EPSS
Exploits1References9Affected Software1
NVD
NVD
added 2008/12/26 5:30 p.m.24 views

CVE-2008-5725

The NT kernel-mode driver aka pstrip.sys 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \Device\Powerstrip1 that overwrites portions of memory...

7.2CVSS6.6AI score0.00846EPSS
Exploits1References6
Prion
Prion
added 2008/12/26 5:30 p.m.20 views

Cross site request forgery (csrf)

The NT kernel-mode driver aka pstrip.sys 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \Device\Powerstrip1 that overwrites portions of memory...

7.2CVSS7.1AI score0.00846EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2008/12/26 5:8 p.m.29 views

CVE-2008-5725

The NT kernel-mode driver aka pstrip.sys 5.0.1.1 and earlier in EnTech Taiwan PowerStrip 3.84 and earlier allows local users to gain privileges via certain IRP parameters in an IOCTL request to \Device\Powerstrip1 that overwrites portions of memory...

6.6AI score0.00846EPSS
Exploits1References6
exploitpack
exploitpack
added 2008/11/07 12:0 a.m.21 views

Anti-Trojan Elite 4.2.1 - Atepmon.sys IOCTL Request Local Overflow Local Privilege Escalation

Anti-Trojan Elite 4.2.1 - Atepmon.sys IOCTL Request Local Overflow Local Privilege Escalation source: https://www.securityfocus.com/bid/32202/info ISecSoft Anti-Trojan Elite and Anti-Keylogger Elite are prone to multiple local privilege-escalation vulnerabilities. An attacker can exploit these...

0.8AI score
Exploits0
NVD
NVD
added 2008/10/06 11:25 p.m.17 views

CVE-2008-4451

The SysInspector AntiStealth driver esiasdrv.sys 3.0.65535.0 in ESET System Analyzer Tool 1.1.1.0 allows local users to execute arbitrary code via a certain METHODNEITHER IOCTL request to \Device\esiasdrv that overwrites a pointer...

7.2CVSS7.2AI score0.00995EPSS
Exploits1References5
NVD
NVD
added 2008/09/30 11:24 p.m.16 views

CVE-2008-4363

DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a denial of service system crash or potentially execute arbitrary code via a certain DLMFENCIOCTL request to \.\DLKPFSDDevice that overwrites a pointer, probably related to use of the ProbeForRead function when ProbeForWrite was...

7.2CVSS7.3AI score0.01184EPSS
Exploits0References5
Prion
Prion
added 2008/09/30 11:24 p.m.17 views

Design/Logic Flaw

The Virtual Token driver vdlptokn.sys 1.0.2.43 in DESlock+ 3.2.7 allows local users to cause a denial of service system crash via a crafted IOCTL request to \Device\DLPTokenWalter0...

4.9CVSS6.6AI score0.00818EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2008/09/16 11:0 p.m.13 views

CVE-2008-4113

The sctpgetsockopthmacident function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows loc...

4.7CVSS4.8AI score0.00833EPSS
Exploits5References17
UbuntuCve
UbuntuCve
added 2008/09/16 11:0 p.m.36 views

CVE-2008-4113

The sctpgetsockopthmacident function in net/sctp/socket.c in the Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows loc...

4.7CVSS5.9AI score0.00833EPSS
Exploits5References2
NVD
NVD
added 2008/09/03 2:12 p.m.27 views

CVE-2008-3525

The sbniioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAPNETADMIN capability before processing a 1 SIOCDEVRESINSTATS, 2 SIOCDEVSHWSTATE, 3 SIOCDEVENSLAVE, or 4 SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass...

7.2CVSS5.9AI score0.0053EPSS
Exploits0References33
seebug.org
seebug.org
added 2008/06/20 12:0 a.m.15 views

Deterministic Network Extender dne2000.sys驱动本地权限提升漏洞

BUGTRAQ ID: 29772 Deterministic Network Enhancer(DNE)是用于扩展Windows联网栈的软件包。 DNE的驱动程序实现上存在漏洞,本地攻击者可以通过对DNE驱动(dne2000.sys)发送特制的IOCTL请求导致以内核级权限执行任意指令。 Citrix Deterministic Network Extender 2.21.7.233 - 3.21.7.17464 Citrix ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.9AI score
Exploits0
Rows per page
Query Builder