24 matches found
EUVD-2018-18988
Malware in sbrugna...
MS15-097: Description of the security update for the graphics component in Windows: September 8, 2015
MS15-097: Description of the security update for the graphics component in Windows: September 8, 2015 Important This article contains information that shows how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific...
CVE-2018-7250
An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. An uninitialized kernel pool allocation in IOCTL 0xCA002813 allows a local unprivileged attacker to leak 16 bits of...
Code injection
An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. An uninitialized kernel pool allocation in IOCTL 0xCA002813 allows a local unprivileged attacker to leak 16 bits of...
Race condition
An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an...
CVE-2018-7249
An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an...
CVE-2018-7249
CVE-2018-7249 is a kernel-use-after-free in the secdrv.sys driver used by Microsoft Windows Vista/7/8/8.1 (pre-KB3086255) and Macrovision SafeDisc. Two carefully timed IOCTL 0xCA002813 calls can race to free a kernel object, enabling an unprivileged user to execute arbitrary code in the kernel. P...
CVE-2018-7250
CVE-2018-7250 affects secdrv.sys in Microsoft Windows Vista/7/8/8.1 (before KB3086255) and Macrovision SafeDisc. The issue is an uninitialized kernel pool allocation in IOCTL 0xCA002813 that allows a local unprivileged attacker to leak 16 bits of uninitialized kernel PagedPool data. Impact is inf...
(Pwn2Own) Microsoft Windows secdrv.sys Uninitialized Buffer Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the secdrv.sys...
Microsoft Windows SafeDisk driver buffer overflow
Buffer overflow in secdrv.sys driver allows code execution in syste, context...
MS07-067: Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653)
Macrovision SafeDisc, a copy-protection application for Microsoft Windows, is installed on the remote host. The 'SECDRV.SYS' driver included with the version of SafeDisc currently installed on the remote host enables a local user to gain SYSTEM privileges using a specially crafted argument to the...
VulnCheck KEV: CVE-2007-5587
Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted...
Macrovision SafeDisc secdrv.sys Crafted METHOD_NEITHER IOCTL Local Overflow
Macrovision SafeDisc, a copy-protection application for Microsoft Windows, is installed on the remote host. The 'SECDRV.SYS' driver included with the version of SafeDisc currently installed on the remote host enables a local user to gain SYSTEM privileges using a specially crafted argument to the...
Macrovision SafeDisc SecDRV.SYS驱动本地权限提升漏洞
BUGTRAQ ID: 26121 Macrovision的Safedisc是目前最常用在商业数据光盘上的防拷机制。 Safedisc的secdrv.sys实现上存在漏洞,本地攻击者可能利用此漏洞控制系统。 Safedisc所提供的secdrv.sys驱动中的以下代码段: .text:00015E2C cmp ebp+var10, 0CA002813h .text:00015E33 jz short loc15E69 IOCTL为METHODNEITHER,该驱动没有正确地处理这个方式: .text:00015ED9 call dword ptr eax+10h ; Internal...
Windows XP core driver secdrv.sys a local elevation of privilege vulnerability-vulnerability warning-the black bar safety net
Windows XP core driver secdrv.sys a local elevation of privilege vulnerability Author: Polymorphours Email: [email protected] Homepage:http://www.whitecell.org Date: 2007-10-23 This kernel provide the right 0day found a period of days, is said to have recently been Symantec the Pick and...
Macrovision SafeDisc SecDRV.SYS Method_Neither本地特权提升漏洞
Macrovision SafeDisc是一款PC游戏的安全保护技术。 Macrovision SafeDisc不正确过滤用户输入,本地攻击者可以利用漏洞提升特权。 问题存在于secdrv.sys驱动中,在METHODNEITHER IOCTL存在一个输入问题,问题代码如下: .text:00015E2C cmp ebp+var10, 0CA002813h .text:00015E33 jz short loc15E69 可以看到IOCTL是METHODNEITHER: .text:00015ED9 call dword ptr eax+10h ; Internal Dispatcher...
Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day)
Hi, Symantec researcher Elia Florip has warned, at the company's weblog 1,of a 0day attack in Windows XP and 2003 that allows unprivileged users to gain SYSTEM privileges via a buggy driver installed by default. In his/her post, Elia brings us an important clue:"At the moment, it's still not clea...
CVE-2007-5587
Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argume...
Buffer overflow
Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argume...
Immunity Canvas: MS07_067
Name| ms07067 ---|--- CVE| CVE-2007-5587 Exploit Pack| CANVAS Description| Macrovision SecDrv.sys Arbitrary Overwrite Notes| References: www.microsoft.com/technet/security/Bulletin/MS07-067.mspx CVE Name: CVE-2007-5587 VENDOR: Microsoft MSADV: MS07-067 Date public: 10/17/07 CVE Url:...