26 matches found
EUVD-2007-5562
Malware in sbrugna...
EUVD-2006-1201
Malware in sbrugna...
Microsoft Windows and Macrovision SafeDisc secdrv.sys driver memory misreference vulnerability
Microsoft Windows Vista, etc. are a series of operating systems released by Microsoft Corporation, U.S.A. Macrovision SafeDisc is a suite of copy protection programs for Windows applications and games distributed on CD-ROMs from the U.S.A. Macrovision. secdrv. sys is one of the drivers used by...
CVE-2018-7249
An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an...
Race condition
An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an...
CVE-2018-7249
An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an...
CVE-2018-7250
An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. An uninitialized kernel pool allocation in IOCTL 0xCA002813 allows a local unprivileged attacker to leak 16 bits of...
Macrovision SafeDisc SecDRV.SYS Method_Neither Local Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26121/info Macrovision SafeDisc is prone to a local privilege-escalation vulnerability because it fails to adequately sanitize user-supplied input. Exploiting this vulnerability allows local attackers to execute arbitrary...
MS07-067: Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653)
Macrovision SafeDisc, a copy-protection application for Microsoft Windows, is installed on the remote host. The 'SECDRV.SYS' driver included with the version of SafeDisc currently installed on the remote host enables a local user to gain SYSTEM privileges using a specially crafted argument to the...
VulnCheck KEV: CVE-2007-5587
Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted...
Macrovision SafeDisc secdrv.sys Crafted METHOD_NEITHER IOCTL Local Overflow
Macrovision SafeDisc, a copy-protection application for Microsoft Windows, is installed on the remote host. The 'SECDRV.SYS' driver included with the version of SafeDisc currently installed on the remote host enables a local user to gain SYSTEM privileges using a specially crafted argument to the...
Macrovision SafeDisc SecDRV.SYS驱动本地权限提升漏洞
BUGTRAQ ID: 26121 Macrovision的Safedisc是目前最常用在商业数据光盘上的防拷机制。 Safedisc的secdrv.sys实现上存在漏洞,本地攻击者可能利用此漏洞控制系统。 Safedisc所提供的secdrv.sys驱动中的以下代码段: .text:00015E2C cmp ebp+var10, 0CA002813h .text:00015E33 jz short loc15E69 IOCTL为METHODNEITHER,该驱动没有正确地处理这个方式: .text:00015ED9 call dword ptr eax+10h ; Internal...
Macrovision SafeDisc SecDRV.SYS Method_Neither本地特权提升漏洞
Macrovision SafeDisc是一款PC游戏的安全保护技术。 Macrovision SafeDisc不正确过滤用户输入,本地攻击者可以利用漏洞提升特权。 问题存在于secdrv.sys驱动中,在METHODNEITHER IOCTL存在一个输入问题,问题代码如下: .text:00015E2C cmp ebp+var10, 0CA002813h .text:00015E33 jz short loc15E69 可以看到IOCTL是METHODNEITHER: .text:00015ED9 call dword ptr eax+10h ; Internal Dispatcher...
Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day)
Hi, Symantec researcher Elia Florip has warned, at the company's weblog 1,of a 0day attack in Windows XP and 2003 that allows unprivileged users to gain SYSTEM privileges via a buggy driver installed by default. In his/her post, Elia brings us an important clue:"At the moment, it's still not clea...
CVE-2007-5587
Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argume...
Buffer overflow
Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argume...
CVE-2007-5587
Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argume...
CVE-2007-5587
The CVE-2007-5587 entry describes a local privilege-escalation vulnerability in Macrovision SafeDisc’s secdrv.sys driver. The root cause is a buffer overflow in secdrv.sys before 4.3.86.0, triggered by a crafted argument to a METHOD_NEITHER IOCTL, affecting Windows XP SP2, XP x64, Server 2003 SP1...
KLA10257 Vulnerability in Macrovision SafeDisc
A buffer overflow was found in Macrovision SafeDisc. By exploiting this vulnerability malicious users can overwrite arbitrary memory locations and gain privileges. This vulnerability can be exploited locally via a specially designed argument. Original advisories - Related products...
Macrovision SafeDisc - 'SecDRV.SYS' Method_Neither Privilege Escalation
source: https://www.securityfocus.com/bid/26121/info Macrovision SafeDisc is prone to a local privilege-escalation vulnerability because it fails to adequately sanitize user-supplied input. Exploiting this vulnerability allows local attackers to execute arbitrary malicious code with SYSTEM-level...