PT-2015-4321 · K7 Computing · K7 Computing Ultimate Security+2
Published
2015-02-06
·
Updated
2015-02-09
·
CVE-2014-9643
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
K7 Computing Ultimate Security versions prior to 14.2.0.253
K7 Computing Anti-Virus Plus versions prior to 14.2.0.253
K7 Computing Total Security versions prior to 14.2.0.253
Description
The issue allows local users to gain privileges by writing to arbitrary memory locations via crafted IOCTL calls, specifically 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8.
Recommendations
For K7 Computing Ultimate Security versions prior to 14.2.0.253, update to version 14.2.0.253 or later.
For K7 Computing Anti-Virus Plus versions prior to 14.2.0.253, update to version 14.2.0.253 or later.
For K7 Computing Total Security versions prior to 14.2.0.253, update to version 14.2.0.253 or later.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
K7 Computing Anti-Virus Plus
K7 Computing Total Security
K7 Computing Ultimate Security