PT-2015-4321 · K7 Computing · K7 Computing Ultimate Security+2

Publicado

2015-02-06

Atualizado

2015-02-09

CVE-2014-9643

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions K7 Computing Ultimate Security versions prior to 14.2.0.253 K7 Computing Anti-Virus Plus versions prior to 14.2.0.253 K7 Computing Total Security versions prior to 14.2.0.253

Description The issue allows local users to gain privileges by writing to arbitrary memory locations via crafted IOCTL calls, specifically 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8.

Recommendations For K7 Computing Ultimate Security versions prior to 14.2.0.253, update to version 14.2.0.253 or later. For K7 Computing Anti-Virus Plus versions prior to 14.2.0.253, update to version 14.2.0.253 or later. For K7 Computing Total Security versions prior to 14.2.0.253, update to version 14.2.0.253 or later.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2014-9643

Produtos afetados

K7 Computing Anti-Virus Plus

K7 Computing Total Security

K7 Computing Ultimate Security

PT-2015-4321 · K7 Computing · K7 Computing Ultimate Security+2

CVE-2014-9643

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6