PT-2010-5506 · Ca · Ca Internet Security Suite

Published: 2010-12-08 · Updated: 2010-12-09 · CVE-2010-4502

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

CA Internet Security Suite Plus 2010 version 6.2.0.22

Description

An integer overflow in the KmxSbx.sys driver allows local users to execute arbitrary code or cause a denial of service through pool corruption. It is triggered by passing crafted arguments to the "0x88000080" IOCTL, which results in a buffer overflow.

Recommendations

For CA Internet Security Suite Plus 2010 version 6.2.0.22, consider disabling the KmxSbx.sys driver as a temporary workaround until a patch is available. Restrict access to the IOCTL "0x88000080" to minimize the risk of exploitation.

Related Identifiers

CVE-2010-4502

Affected Products

Ca Internet Security Suite