CVE-2008-3636

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version GEARAspiWDM.sys version 2.0.7.5 and earlier, as used in Apple iTunes before 8.0 and other products

Description The issue is caused by an integer overflow in the IopfCompleteRequest API in the kernel, allowing context-dependent attackers to gain privileges. This can be exploited locally via repeated IoAttachDevice IOCTL calls to the .GEARAspiWDMDevice in the GEARAspiWDM.sys driver. The estimated number of potentially affected devices and details about real-world incidents are not provided.

Recommendations For Microsoft Windows, update to a version that includes the fix for the integer overflow in the IopfCompleteRequest API. For GEARAspiWDM.sys version 2.0.7.5 and earlier, consider disabling the IoAttachDevice IOCTL call to .GEARAspiWDMDevice until a patch is available. For Apple iTunes before 8.0, update to version 8.0 or later to mitigate the risk of exploitation.