PT-2009-2678 · Creativelabs+1 · Es1371Mp.Sys+2

Published

2009-09-11

Updated

2018-10-11

CVE-2008-7211

CVSS v2.0

6.9

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions CreativeLabs es1371mp.sys version 5.1.3612.0

Description The issue allows local users to gain SYSTEM privileges via a crafted IRP request that dereferences a NULL FsContext pointer, due to the lack of a Functional Device Object (FDO) to prevent user-mode access to the Physical Device Object (PDO). This occurs when the CreativeLabs es1371mp.sys 5.1.3612.0 WDM audio driver is used in Ensoniq PCI 1371 sound cards and runs on Windows Vista.

Recommendations For CreativeLabs es1371mp.sys version 5.1.3612.0, consider restricting access to the Physical Device Object (PDO) to minimize the risk of exploitation, until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2008-7211

Affected Products

Ensoniq Pci 1371

Windows Vista

Es1371Mp.Sys

PT-2009-2678 · Creativelabs+1 · Es1371Mp.Sys+2

CVE-2008-7211

Related Identifiers

Affected Products

References · 5