PT-2018-4095 · Ahnlab · Ahnlab V3 Internet Security

Published

2018-04-24

Updated

2018-06-04

CVE-2013-3947

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions AhnLab V3 Internet Security version 8.0.7.5 (Build 1373)

Description The issue is related to a buffer overflow in the MedCoreD.sys component. This can be exploited by local users to gain privileges through a crafted 0xA3350014 IOCTL call.

Recommendations For AhnLab V3 Internet Security version 8.0.7.5 (Build 1373), consider restricting access to the MedCoreD.sys component until a patch is available. Avoid using the 0xA3350014 IOCTL call in the affected system until the issue is resolved.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264CWE-119

Related Identifiers

CVE-2013-3947

Affected Products

Ahnlab V3 Internet Security

PT-2018-4095 · Ahnlab · Ahnlab V3 Internet Security

CVE-2013-3947

Weakness Enumeration

Related Identifiers

Affected Products

References · 3