PT-2007-3843 · Ca · Inocore.Dll+2

Publicado

2007-05-11

Atualizado

2021-04-09

CVE-2007-2523

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 CA Anti-Virus for the Enterprise version prior to 8.0.448.0

Description The issue is related to weak permissions for the Task Service shared file mapping, which can be modified by local users. This can lead to a stack-based buffer overflow in InoCore.dll, allowing local users to gain privileges.

Recommendations For CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510, update to a version released after 20070510 to resolve the issue. For CA Anti-Virus for the Enterprise version prior to 8.0.448.0, update to version 8.0.448.0 or later to fix the problem.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-2523

Produtos afetados

Ca Anti-Virus For The Enterprise

Inocore.Dll

Threat Manager

PT-2007-3843 · Ca · Inocore.Dll+2

CVE-2007-2523

Identificadores relacionados

Produtos afetados

Referências · 13