Lucene search
RootSSV:4194HistoryOct 13, 2008 - 12:00 a.m.
Symantec Gear Device Driver本地特权提升漏洞
2008-10-1300:00:00
Root
www.seebug.org
11
0.0004 Low
EPSS
Percentile
5.3%
CVE ID:CVE-2008-3636
CNCVE ID:CNCVE-20083636
多个Symantec产品存在漏洞,允许本地攻击者提升特权。
问题是由于第三方驱动 "GEARspiWDM.sys"在处理来自用户空间应用程序的数据时缺少输入验证错误,允许恶意用户多次调用"IoAttachDevice"而使Windows内核触发整数溢出,导致以SYSTEM权限执行任意代码。
Symantec Gear Device Driver
目前没有解决方案提供:
<a href=“http://www.symantec.com” target=“_blank”>http://www.symantec.com</a>
Related
cve
cve
CVE-2008-3636
2008-09-11 01:13:10
nessus
nessus
Apple iTunes < 8.0 Integer Buffer Overflow (uncredentialed check)
2008-09-10 00:00:00
Apple iTunes < 8.0 Integer Buffer Overflow (credentialed check)
2008-09-10 00:00:00
cert
cert
Gear Software CD DVD Filter driver privilege escalation vulnerability
2008-10-07 00:00:00
prion
prion
Integer overflow
2008-09-11 01:13:00
openvas
openvas
Apple iTunes Local Privilege Escalation Vulnerability
2008-09-25 00:00:00
Apple iTunes Local Privilege Escalation Vulnerability
2008-09-25 00:00:00
cvelist
cvelist
CVE-2008-3636
2008-09-10 16:00:00
symantec
symantec
Symantec Device Driver Local Elevation of Privilege
2008-10-07 08:00:00
seebug
seebug
Apple iTunes第三方驱动本地特权提升漏洞
2008-09-11 00:00:00
nvd
nvd
CVE-2008-3636
2008-09-11 01:13:10