[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-1471Date: (C)2008-03-24   (M)2023-12-22


The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1019568
http://www.securityfocus.com/archive/1/489292/100/0/threaded
BID-28150
SECUNIA-29311
ADV-2008-0801
http://www.pandasecurity.com/homeusers/support/card?id=41231&idIdioma=2&ref=ProdExp
http://www.pandasecurity.com/homeusers/support/card?id=41337&idIdioma=2&ref=ProdExp
http://www.trapkit.de/advisories/TKADV2008-001.txt
panda-antivirus-cpointsys-priv-escalation(41079)

CPE    2
cpe:/o:microsoft:windows_vista:::x64
cpe:/o:microsoft:windows_xp:::x64
CWE    1
CWE-399

© SecPod Technologies