PT-2016-4013 · Mcafee · Mcafee File Lock

Kyriakos Economou

Publicado

2016-01-29

Atualizado

2016-02-25

CVE-2015-8773

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions McAfee File Lock versions 5.x

Description The issue is related to a stack-based buffer overflow in the McPvDrv.sys driver, which can cause a denial of service, resulting in a system crash. This occurs when a long vault GUID is passed in an ioctl call.

Recommendations For McAfee File Lock version 5.x, update the McPvDrv.sys driver to a version that fixes the buffer overflow issue. As a temporary workaround, consider restricting the length of vault GUIDs passed to the ioctl call to prevent the buffer overflow.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2015-8773

Produtos afetados

Mcafee File Lock

PT-2016-4013 · Mcafee · Mcafee File Lock

CVE-2015-8773

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3