CVE-2021-27203

In Dekart Private Disk 2.15, invalid use of the Type3 user buffer for IOCTL codes using METHODNEITHER results in arbitrary memory dereferencing...

Memory corruption

In Dekart Private Disk 2.15, invalid use of the Type3 user buffer for IOCTL codes using METHODNEITHER results in arbitrary memory dereferencing...

CVE-2019-19197

CVE-2019-19197 relates to IOCTL handling in the kyrld.sys driver of Kyrol Internet Security 9.0.6.9. The vulnerability arises when 0x9C402401 is issued via METHOD_NEITHER, leading to a read primitive that enables local privilege escalation, denial of service, and potential code execution in userm...

Cross site request forgery (csrf)

The TrendMicro Activity Monitor Module tmactmon.sys 2.52.0.1002 in Trend Micro Internet Pro 2008 and 2009, and Security Pro 2008 and 2009, allows local users to gain privileges via a crafted IRP in a METHODNEITHER IOCTL request to \Device\tmactmon that overwrites memory...

CVE-2009-0824

CVE-2009-0824 affects ElbyCDIO.sys and related SlySoft/Elby components (AnyDVD before 6.5.2.6, Virtual CloneDrive 5.4.2.3 and earlier, CloneDVD 2.9.2.0 and earlier, CloneCD 5.3.1.3 and earlier). The issue is a buffer validation problem in IOCTL handling using METHOD_NEITHER, allowing a local atta...

CVE-2008-3761

hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 uses the METHODNEITHER communication method for IOCTLs, which allows local users to cause a denia...

CVE-2008-3761

CVE-2008-3761 affects VMware hosted products (e.g., Workstation 6.5.x and earlier, Player 2.5.x and earlier, ACE 2.5.x and earlier, Server 1.x/2.x prior to specific patches) via METHOD_NEITHER IOCTL handling in hcmon.sys, enabling local denial of service through a crafted IOCTL. Connected advisor...

vmwarework-dos.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - Orange Bat advisory - Name : VMWare Workstation hcmon.sys 6.0.0.45731 Class : DoS Published : 2008-08-17 Credit : g g orange-bat com - - Details - Fails to sanitize pointers sent from usermode with METHODNEITHER. hcmon.sys: .text:00011606 loc11606...

CVE-2007-5762

CVE-2007-5762 affects the NICM.SYS driver (3.0.0.4) used by Novell NetWare Client 4.91 SP4. The vulnerability allows local users to escalate privileges to kernel mode by opening the .icm device and sending crafted IOCTLs with METHOD_NEITHER, passing kernel addresses as arguments. The issue arises...

Macrovision SafeDisc secdrv.sys Crafted METHOD_NEITHER IOCTL Local Overflow

Macrovision SafeDisc, a copy-protection application for Microsoft Windows, is installed on the remote host. The 'SECDRV.SYS' driver included with the version of SafeDisc currently installed on the remote host enables a local user to gain SYSTEM privileges using a specially crafted argument to the...

Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day)

Hi, Symantec researcher Elia Florip has warned, at the company's weblog 1,of a 0day attack in Windows XP and 2003 that allows unprivileged users to gain SYSTEM privileges via a buggy driver installed by default. In his/her post, Elia brings us an important clue:"At the moment, it's still not clea...

Buffer overflow

Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argume...

[Reversemode Advisory] TrendMicro Products - multiple privilege escalation vulnerabilities.

Trend Micro Products Multiple Local Privilege Escalation Vulnerabilities Discovered by: Rubйn Santamarta [email protected] Affected products: Client / Server / Messaging Security for SMB – 3.5 PC-cillin Internet Security - 2007, Trend Micro AntiVirus – 2007 Trend Micro Anti-Spyware for SMB –...