{"cve": [{"lastseen": "2017-07-29T11:22:11", "bulletinFamily": "NVD", "description": "Dbgv.sys in Microsoft Sysinternals DebugView before 4.72 provides an unspecified mechanism for copying data into kernel memory, which allows local users to gain privileges via unspecified vectors.", "modified": "2017-07-28T21:32:47", "published": "2007-11-08T06:46:00", "id": "CVE-2007-4223", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4223", "title": "CVE-2007-4223", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:24", "bulletinFamily": "software", "description": "iDefense Security Advisory 11.06.07\r\nhttp://labs.idefense.com/intelligence/vulnerabilities/\r\nNov 06, 2007\r\n\r\nI. BACKGROUND\r\n\r\nDebugView is a system analysis tool designed to display debug messages\r\nbeing generated on the system. More information is available on the\r\nvendor's site at the following URL.\r\n\r\nhttp://www.microsoft.com/technet/sysinternals/utilities/debugview.mspx\r\n\r\nII. DESCRIPTION\r\n\r\nLocal exploitation of a design error vulnerability in Microsoft's\r\nDebugView could allow attackers to execute arbitrary kernel code.\r\n\r\nAs part of its design, DebugView loads a kernel module Dbgv.sys. This\r\nmodule includes functionality that can be abused to copy user supplied\r\ndata into the kernel, to controlled addresses. This allows malicious\r\nusers to inject arbitrary code into the running kernel.\r\n\r\nIII. ANALYSIS\r\n\r\nExploitation allows attackers to modify the kernel, resulting in the\r\narbitrary execution of code in kernel context.\r\n\r\nIn order to exploit this vulnerability, an administrator must launch the\r\nDebugView application, which will load the Dbgv.sys driver into the\r\nkernel. Once loaded, the vulnerable kernel module will be accessible by\r\nall users, and will remain loaded until the system is rebooted.\r\n\r\nIV. 
DETECTION\r\n\r\niDefense confirmed the existence of this vulnerability in Microsoft\r\nDebugView version 4.64. The specific file version of Dbgv.sys is\r\n4.60.0.0. This file is deleted automatically after being loaded and\r\nwill not be found on disk. Previous versions are suspected to be\r\nvulnerable as well.\r\n\r\nV. WORKAROUND\r\n\r\niDefense is currently unaware of any effective workaround for this\r\nissue.\r\n\r\nVI. VENDOR RESPONSE\r\n\r\nMicrosoft Sysinternals has addressed this vulnerability by releasing\r\nversion 4.72 of DebugView. For more information, visit the following\r\nURL.\r\n\r\nhttp://www.microsoft.com/technet/sysinternals/utilities/debugview.mspx\r\n\r\nVII. CVE INFORMATION\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\r\nname CVE-2007-4223 to this issue. This is a candidate for inclusion in\r\nthe CVE list (http://cve.mitre.org/), which standardizes names for\r\nsecurity problems.\r\n\r\nVIII. DISCLOSURE TIMELINE\r\n\r\n08/21/2007 Initial vendor notification\r\n08/21/2007 Initial vendor response\r\n11/06/2007 Public disclosure\r\n\r\nIX. CREDIT\r\n\r\nThis vulnerability was reported to VeriSign iDefense by Stephen Fewer of\r\nHarmony Security (www.harmonysecurity.com)\r\n\r\nGet paid for vulnerability research\r\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\r\n\r\nFree tools, research and upcoming events\r\nhttp://labs.idefense.com/\r\n\r\nX. LEGAL NOTICES\r\n\r\nCopyright \u00a9 2007 iDefense, Inc.\r\n\r\nPermission is granted for the redistribution of this alert\r\nelectronically. It may not be edited in any way without the express\r\nwritten consent of iDefense. If you wish to reprint the whole or any\r\npart of this alert in any other medium other than electronically,\r\nplease e-mail customerservice@idefense.com for permission.\r\n\r\nDisclaimer: The information in the advisory is believed to be accurate\r\nat the time of publishing based on currently available information. 
Use\r\nof the information constitutes acceptance for use in an AS IS condition.\r\n There are no warranties with regard to this information. Neither the\r\nauthor nor the publisher accepts any liability for any direct,\r\nindirect, or consequential loss or damage arising from use of, or\r\nreliance on, this information.", "modified": "2007-11-07T00:00:00", "published": "2007-11-07T00:00:00", "id": "SECURITYVULNS:DOC:18365", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18365", "title": "iDefense Security Advisory 11.06.07: Microsoft DebugView Privilege Escalation Vulnerability", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:27", "bulletinFamily": "software", "description": "Dbgv.sys Driver allows any user to copy any data in kernel memory.", "modified": "2007-11-07T00:00:00", "published": "2007-11-07T00:00:00", "id": "SECURITYVULNS:VULN:8324", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8324", "title": "Microsoft Sysinternals DebugView privilege escalation", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2019-02-15T12:34:18", "bulletinFamily": "info", "description": "### *Detect date*:\n11/08/2007\n\n### *Severity*:\nCritical\n\n### *Description*:\nAn unspecified vulnerability was found in DebugView. By exploiting this vulnerability malicious users can gain privileges. 
This vulnerability can be exploited locally at an unknown point.\n\n### *Affected products*:\nMicrosoft Sysinternals DebugView versions 4.71 and earlier\n\n### *Solution*:\nUpdate to latest version\n\n### *Impacts*:\nPE \n\n### *Related products*:\n[Microsoft DebugView](<https://threats.kaspersky.com/en/product/Microsoft-DebugView/>)\n\n### *CVE-IDS*:\n[CVE-2007-4223](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4223>)", "modified": "2019-02-13T00:00:00", "published": "2007-11-08T00:00:00", "id": "KLA10263", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10263", "title": "KLA10263 LPE vulnerability in DebugView", "type": "kaspersky", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:34", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nSecurity Tracker: 1018903\n[Secunia Advisory ID:27552](https://secuniaresearch.flexerasoftware.com/advisories/27552/)\nOther Advisory URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=621\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-11/0093.html\nISS X-Force ID: 38292\nFrSIRT Advisory: ADV-2007-3756\n[CVE-2007-4223](https://vulners.com/cve/CVE-2007-4223)\nBugtraq ID: 26359\n", "modified": "2007-11-06T18:48:09", "published": "2007-11-06T18:48:09", "href": "https://vulners.com/osvdb/OSVDB:38496", "id": "OSVDB:38496", "title": "Microsoft Sysinternals DebugView Dbgv.sys Local Privilege Escalation", "type": "osvdb", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}