All the vulnerabilites related to bullguard - internet_security
cve-2008-5409
Vulnerability from cvelistv5
Published
2008-12-09 11:00
Modified
2024-08-07 10:49
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/32789 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/27805 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/50205 | vdb-entry, x_refsource_OSVDB | |
| https://www.exploit-db.com/exploits/7178 | exploit, x_refsource_EXPLOIT-DB | |
| http://osvdb.org/50103 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/32396 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/46750 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/32814 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/50010 | vdb-entry, x_refsource_OSVDB | |
| http://milw0rm.com/sploits/2008-BitDefenderDOS.zip | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:49:12.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32789"
},
{
"name": "27805",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27805"
},
{
"name": "50205",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50205"
},
{
"name": "7178",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/7178"
},
{
"name": "50103",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50103"
},
{
"name": "32396",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32396"
},
{
"name": "bitdefender-pdf-dos(46750)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46750"
},
{
"name": "32814",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32814"
},
{
"name": "50010",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50010"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32789"
},
{
"name": "27805",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27805"
},
{
"name": "50205",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50205"
},
{
"name": "7178",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/7178"
},
{
"name": "50103",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50103"
},
{
"name": "32396",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32396"
},
{
"name": "bitdefender-pdf-dos(46750)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46750"
},
{
"name": "32814",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32814"
},
{
"name": "50010",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50010"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32789",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32789"
},
{
"name": "27805",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27805"
},
{
"name": "50205",
"refsource": "OSVDB",
"url": "http://osvdb.org/50205"
},
{
"name": "7178",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/7178"
},
{
"name": "50103",
"refsource": "OSVDB",
"url": "http://osvdb.org/50103"
},
{
"name": "32396",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32396"
},
{
"name": "bitdefender-pdf-dos(46750)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46750"
},
{
"name": "32814",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32814"
},
{
"name": "50010",
"refsource": "OSVDB",
"url": "http://osvdb.org/50010"
},
{
"name": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip",
"refsource": "MISC",
"url": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5409",
"datePublished": "2008-12-09T11:00:00",
"dateReserved": "2008-12-08T00:00:00",
"dateUpdated": "2024-08-07T10:49:12.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-9642
Vulnerability from cvelistv5
Published
2015-02-06 15:00
Modified
2024-08-06 13:47
Severity ?
EPSS score ?
Summary
bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.greyhathacker.net/?p=818 | x_refsource_MISC | |
| http://www.osvdb.org/114478 | vdb-entry, x_refsource_OSVDB | |
| http://www.bullguard.com/about/release-notes.aspx | x_refsource_CONFIRM | |
| http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html | x_refsource_MISC | |
| http://www.exploit-db.com/exploits/35994 | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:47:41.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "114478",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/114478"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.bullguard.com/about/release-notes.aspx"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html"
},
{
"name": "35994",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/35994"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-06T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "114478",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/114478"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.bullguard.com/about/release-notes.aspx"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html"
},
{
"name": "35994",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/35994"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.greyhathacker.net/?p=818",
"refsource": "MISC",
"url": "http://www.greyhathacker.net/?p=818"
},
{
"name": "114478",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/114478"
},
{
"name": "http://www.bullguard.com/about/release-notes.aspx",
"refsource": "CONFIRM",
"url": "http://www.bullguard.com/about/release-notes.aspx"
},
{
"name": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html"
},
{
"name": "35994",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35994"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-9642",
"datePublished": "2015-02-06T15:00:00",
"dateReserved": "2015-01-22T00:00:00",
"dateUpdated": "2024-08-06T13:47:41.759Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2008-12-10 06:44
Modified
2024-11-21 00:54
Severity ?
Summary
Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bitdefender | antivirus | 10 | |
| bitdefender | bitdefender | 10 | |
| bullguard | internet_security | 8.5 | |
| software602 | groupware_server | 6.0.08.1118 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bitdefender:antivirus:10:_nil_:standard:*:*:*:*:*",
"matchCriteriaId": "99345132-856D-4E53-AE8F-101308FCC42E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:10:_nil_:free_edition:*:*:*:*:*",
"matchCriteriaId": "62BA09A9-6D2C-4C35-BB3E-B517BCC9B6D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bullguard:internet_security:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B6B4BB76-CF3D-45E6-BB29-F4BBB547C7E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:software602:groupware_server:6.0.08.1118:*:*:*:*:*:*:*",
"matchCriteriaId": "F8EE9C8A-9417-4A5A-90A0-5F6D8EB4370B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el m\u00f3dulo pdf.xmd en (1) BitDefender Free Edition 10 y Antivirus Standard 10, (2) BullGuard Internet Security v8.5, y (3) Software602 Groupware Server v6.0.08.1118, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo PDF manipulado, seguramente relacionado con la inclusi\u00f3n de flujos comprimidos que son procesados con el filtro ASCIIHexDecode. NOTA: algunos de \u00e9stos detalles han sido obtenidos a partir de terceros."
}
],
"id": "CVE-2008-5409",
"lastModified": "2024-11-21T00:54:02.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-12-10T06:44:42.423",
"references": [
{
"source": "cve@mitre.org",
"url": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/50010"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/50103"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/50205"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27805"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32789"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32814"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/32396"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46750"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/7178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://milw0rm.com/sploits/2008-BitDefenderDOS.zip"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/50010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/50103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/50205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/32396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/7178"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-06 15:59
Modified
2024-11-21 02:21
Severity ?
Summary
bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bullguard | bdagent.sys | * | |
| bullguard | internet_security | * | |
| bullguard | online_backup | * | |
| bullguard | premium_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bullguard:bdagent.sys:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4E905E-BBDD-48D6-9728-E8A12979F89D",
"versionEndIncluding": "1.0.0.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bullguard:internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED77E9F1-A921-435E-A698-C4A8A5B3CB45",
"versionEndIncluding": "14.1.287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bullguard:online_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECB75524-651D-4AD9-9319-E57DC92EAA39",
"versionEndIncluding": "14.1.287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bullguard:premium_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F53B571-68FC-4961-8413-0976C4514853",
"versionEndIncluding": "14.1.287",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call."
},
{
"lang": "es",
"value": "bdagent.sys en BullGuard Antivirus, Internet Security, Premium Protection, y Online Backup anterior a 15.0.288 permite a usuarios locales escribir datos a localizaciones de memoria arbitrarias, y como consecuencia ganar privilegios, a trav\u00e9s de una llamada IOCTL 0x0022405c manipulada."
}
],
"id": "CVE-2014-9642",
"lastModified": "2024-11-21T02:21:18.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-02-06T15:59:10.057",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.bullguard.com/about/release-notes.aspx"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/35994"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.greyhathacker.net/?p=818"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/114478"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.bullguard.com/about/release-notes.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/35994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.greyhathacker.net/?p=818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/114478"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}