EUVD-2010-2318

Malware in sbrugna...

Microsoft Windows - nt!NtQueryAttributesFile Kernel Stack Memory Disclosure Exploit

Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryAttributesFile system call invoked with paths of certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 7 to 10, 32/64-bit. The paths that...

Microsoft Windows - 'nt!NtQueryAttributesFile' Kernel Stack Memory Disclosure

/ We have discovered that the nt!NtQueryAttributesFile system call invoked with paths of certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 7 to 10, 32/64-bit. The paths that we have observed to trigger the leak in our test...

Sophos Anti-Virus NtQueryAttributesFile()系统调用本地权限提升漏洞

BUGTRAQ ID: 40715 Sophos Anti-Virus是一款适用于多种操作系统的杀毒软件。 Sophos杀毒软件所使用的savonaccessfilter.sys过滤器驱动没有正确地处理NtQueryAttributesFile系统调用参数参数，本地用户可以通过提交特制的IOCTL请求以ring 0权限执行任意代码。 Sophos Anti-Virus 7.6.20 厂商补丁： Sophos ------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Design/Logic Flaw

Unspecified vulnerability in the filter driver savonaccessfilter.sys in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function...

CVE-2010-2308

CVE-2010-2308 : A local privilege-escalation in Sophos Anti‑Virus affects the filter driver savonaccessfilter.sys prior to version 7.6.20. The root cause is an unspecified flaw that lets local users gain kernel/privilege level access by passing crafted arguments to NtQueryAttributesFile. Affected...