11 matches found
EUVD-2018-15776
Malware in sbrugna...
WIBU-SYSTEMS WibuKey.sys 0x8200E804 IOCTL Kernel Information Disclosure Vulnerability
Wibu-Systems WibuKey is a digital rights management DRM system from Wibu-Systems. A security vulnerability in WIBU-SYSTEMS WibuKey.sys 0x8200E804 IOCTL handling allows local attackers to exploit the vulnerability by submitting a special request to obtain a kernel memory information disclosure...
Memory corruption
An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400. A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An...
Design/Logic Flaw
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400.A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker ca...
CVE-2018-3989
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400.A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker ca...
CVE-2018-3990
An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400. A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An...
CVE-2018-3990
CVE-2018-3990 concerns WIBU-SYSTEMS WibuKey.sys (Version 6.40, Build 2400). The vulnerability exists in the 0x8200E804 IOCTL handler; a specially crafted IRP can trigger a buffer overflow, causing kernel memory corruption and potentially privilege escalation. Talos reports this vulnerability can ...
CVE-2018-3989
An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400.A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker ca...
CVE-2018-3989
CVE-2018-3989 affects WIBU-SYSTEMS WibuKey.sys (kernel driver) version 6.40 (Build 2400). A crafted IRP to IOCTL 0x8200E804 can cause the driver to return uninitialized kernel memory, producing kernel memory information disclosure. TALOS confirms this vulnerability vector and links it to the 0x82...
CVE-2018-3990
An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400. A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An...
WIBU-SYSTEMS WibuKey.sys 0x8200E804 kernel memory information disclosure vulnerability
Summary An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An...