cvelistv5 - cve-2008-1471

cve-2008-1471

Vulnerability from cvelistv5

Published

2008-03-24 22:00

Modified

2024-08-07 08:24

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/29311	Vendor Advisory
cve@mitre.org	http://www.pandasecurity.com/homeusers/support/card?id=41231&idIdioma=2&ref=ProdExp	Patch
cve@mitre.org	http://www.pandasecurity.com/homeusers/support/card?id=41337&idIdioma=2&ref=ProdExp	Patch
cve@mitre.org	http://www.securityfocus.com/archive/1/489292/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/28150	Patch
cve@mitre.org	http://www.securitytracker.com/id?1019568
cve@mitre.org	http://www.trapkit.de/advisories/TKADV2008-001.txt	Exploit, Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0801/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/41079
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29311	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.pandasecurity.com/homeusers/support/card?id=41231&idIdioma=2&ref=ProdExp	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.pandasecurity.com/homeusers/support/card?id=41337&idIdioma=2&ref=ProdExp	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/489292/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28150	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019568
af854a3a-2127-422b-91ae-364da2661108	http://www.trapkit.de/advisories/TKADV2008-001.txt	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0801/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41079

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:24:42.857Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "29311",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29311"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp"
          },
          {
            "name": "ADV-2008-0801",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0801/references"
          },
          {
            "name": "28150",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28150"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.trapkit.de/advisories/TKADV2008-001.txt"
          },
          {
            "name": "1019568",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019568"
          },
          {
            "name": "20080308 [TKADV2008-001] Panda Internet Security/Antivirus+Firewall 2008 cpoint.sys Kernel Driver Memory Corruption Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/489292/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp"
          },
          {
            "name": "panda-antivirus-cpointsys-priv-escalation(41079)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41079"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-03-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "29311",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29311"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp"
        },
        {
          "name": "ADV-2008-0801",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0801/references"
        },
        {
          "name": "28150",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28150"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.trapkit.de/advisories/TKADV2008-001.txt"
        },
        {
          "name": "1019568",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019568"
        },
        {
          "name": "20080308 [TKADV2008-001] Panda Internet Security/Antivirus+Firewall 2008 cpoint.sys Kernel Driver Memory Corruption Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/489292/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp"
        },
        {
          "name": "panda-antivirus-cpointsys-priv-escalation(41079)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41079"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1471",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "29311",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29311"
            },
            {
              "name": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp",
              "refsource": "CONFIRM",
              "url": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp"
            },
            {
              "name": "ADV-2008-0801",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0801/references"
            },
            {
              "name": "28150",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28150"
            },
            {
              "name": "http://www.trapkit.de/advisories/TKADV2008-001.txt",
              "refsource": "MISC",
              "url": "http://www.trapkit.de/advisories/TKADV2008-001.txt"
            },
            {
              "name": "1019568",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019568"
            },
            {
              "name": "20080308 [TKADV2008-001] Panda Internet Security/Antivirus+Firewall 2008 cpoint.sys Kernel Driver Memory Corruption Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/489292/100/0/threaded"
            },
            {
              "name": "http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp",
              "refsource": "CONFIRM",
              "url": "http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp"
            },
            {
              "name": "panda-antivirus-cpointsys-priv-escalation(41079)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41079"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1471",
    "datePublished": "2008-03-24T22:00:00",
    "dateReserved": "2008-03-24T00:00:00",
    "dateUpdated": "2024-08-07T08:24:42.857Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows-nt:vista:*:x32:*:*:*:*:*\", \"matchCriteriaId\": \"8C7E0F58-4948-4785-816F-6B2DC5FEA18E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows-nt:xp:*:x32:*:*:*:*:*\", \"matchCriteriaId\": \"EEC92A11-2DA9-45B0-8887-876126DA6940\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:*:*:pro:*:*:*:*:*\", \"matchCriteriaId\": \"26CF0F23-E9B6-415F-868A-C883EF11F389\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*\", \"matchCriteriaId\": \"1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*\", \"matchCriteriaId\": \"ACF75FC8-095A-4EEA-9A41-C27CFF3953FB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:panda:panda_antivirus_and_firewall:2008:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4D1D99A-22AA-4FC6-ADEF-2759EB96CF5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:panda:panda_internet_security:2008:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"045DD35A-DBE0-412F-AEE0-CA333328A59D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory.\"}, {\"lang\": \"es\", \"value\": \"El dispositivo cpoint.sys driver en Panda Internet Security 2008 y Antivirus+ Firewall 2008 permite a usuarios locales provocar una denegaci\\u00f3n de servicio (ca\\u00edda del sistema o kernel panic), sobrescribir memoria o ejecutar c\\u00f3digo de su elecci\\u00f3n a trav\\u00e9s de una petici\\u00f3n IOCTL manipulada que dispara una escritura en memoria fuera de l\\u00edmite.\"}]",
      "id": "CVE-2008-1471",
      "lastModified": "2024-11-21T00:44:37.097",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-03-24T22:44:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/29311\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/489292/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/28150\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1019568\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.trapkit.de/advisories/TKADV2008-001.txt\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0801/references\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/41079\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/29311\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/489292/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/28150\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1019568\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.trapkit.de/advisories/TKADV2008-001.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0801/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/41079\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-1471\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-03-24T22:44:00.000\",\"lastModified\":\"2024-11-21T00:44:37.097\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory.\"},{\"lang\":\"es\",\"value\":\"El dispositivo cpoint.sys driver en Panda Internet Security 2008 y Antivirus+ Firewall 2008 permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema o kernel panic), sobrescribir memoria o ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una petici\u00f3n IOCTL manipulada que dispara una escritura en memoria fuera de l\u00edmite.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows-nt:vista:*:x32:*:*:*:*:*\",\"matchCriteriaId\":\"8C7E0F58-4948-4785-816F-6B2DC5FEA18E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows-nt:xp:*:x32:*:*:*:*:*\",\"matchCriteriaId\":\"EEC92A11-2DA9-45B0-8887-876126DA6940\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:*:pro:*:*:*:*:*\",\"matchCriteriaId\":\"26CF0F23-E9B6-415F-868A-C883EF11F389\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*\",\"matchCriteriaId\":\"1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*\",\"matchCriteriaId\":\"ACF75FC8-095A-4EEA-9A41-C27CFF3953FB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:panda:panda_antivirus_and_firewall:2008:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4D1D99A-22AA-4FC6-ADEF-2759EB96CF5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:panda:panda_internet_security:2008:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"045DD35A-DBE0-412F-AEE0-CA333328A59D\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/29311\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/archive/1/489292/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/28150\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1019568\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.trapkit.de/advisories/TKADV2008-001.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0801/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41079\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/29311\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/archive/1/489292/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/28150\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1019568\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.trapkit.de/advisories/TKADV2008-001.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0801/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41079\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

gsd-2008-1471

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2008-1471

Aliases

CVE-2008-1471

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-1471",
    "description": "The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory.",
    "id": "GSD-2008-1471"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-1471"
      ],
      "details": "The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory.",
      "id": "GSD-2008-1471",
      "modified": "2023-12-13T01:23:02.848439Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-1471",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "29311",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/29311"
          },
          {
            "name": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp",
            "refsource": "CONFIRM",
            "url": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp"
          },
          {
            "name": "ADV-2008-0801",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0801/references"
          },
          {
            "name": "28150",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/28150"
          },
          {
            "name": "http://www.trapkit.de/advisories/TKADV2008-001.txt",
            "refsource": "MISC",
            "url": "http://www.trapkit.de/advisories/TKADV2008-001.txt"
          },
          {
            "name": "1019568",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1019568"
          },
          {
            "name": "20080308 [TKADV2008-001] Panda Internet Security/Antivirus+Firewall 2008 cpoint.sys Kernel Driver Memory Corruption Vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/489292/100/0/threaded"
          },
          {
            "name": "http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp",
            "refsource": "CONFIRM",
            "url": "http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp"
          },
          {
            "name": "panda-antivirus-cpointsys-priv-escalation(41079)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41079"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:*:pro:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows-nt:vista:*:x32:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows-nt:xp:*:x32:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:panda:panda_antivirus_and_firewall:2008:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:panda:panda_internet_security:2008:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1471"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.trapkit.de/advisories/TKADV2008-001.txt",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Patch"
              ],
              "url": "http://www.trapkit.de/advisories/TKADV2008-001.txt"
            },
            {
              "name": "http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp"
            },
            {
              "name": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp"
            },
            {
              "name": "28150",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/28150"
            },
            {
              "name": "1019568",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1019568"
            },
            {
              "name": "29311",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/29311"
            },
            {
              "name": "ADV-2008-0801",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/0801/references"
            },
            {
              "name": "panda-antivirus-cpointsys-priv-escalation(41079)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41079"
            },
            {
              "name": "20080308 [TKADV2008-001] Panda Internet Security/Antivirus+Firewall 2008 cpoint.sys Kernel Driver Memory Corruption Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/489292/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-11T20:34Z",
      "publishedDate": "2008-03-24T22:44Z"
    }
  }
}

cve-2008-1471

Vulnerability from fkie_nvd

Published

2008-03-24 22:44

Modified

2024-11-21 00:44

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/29311	Vendor Advisory
cve@mitre.org	http://www.pandasecurity.com/homeusers/support/card?id=41231&idIdioma=2&ref=ProdExp	Patch
cve@mitre.org	http://www.pandasecurity.com/homeusers/support/card?id=41337&idIdioma=2&ref=ProdExp	Patch
cve@mitre.org	http://www.securityfocus.com/archive/1/489292/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/28150	Patch
cve@mitre.org	http://www.securitytracker.com/id?1019568
cve@mitre.org	http://www.trapkit.de/advisories/TKADV2008-001.txt	Exploit, Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0801/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/41079
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29311	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.pandasecurity.com/homeusers/support/card?id=41231&idIdioma=2&ref=ProdExp	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.pandasecurity.com/homeusers/support/card?id=41337&idIdioma=2&ref=ProdExp	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/489292/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28150	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019568
af854a3a-2127-422b-91ae-364da2661108	http://www.trapkit.de/advisories/TKADV2008-001.txt	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0801/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41079

Impacted products

Vendor	Product	Version
microsoft	windows-nt	vista
microsoft	windows-nt	xp
microsoft	windows_2000	*
microsoft	windows_vista	*
microsoft	windows_xp	*
panda	panda_antivirus_and_firewall	2008
panda	panda_internet_security	2008

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows-nt:vista:*:x32:*:*:*:*:*",
              "matchCriteriaId": "8C7E0F58-4948-4785-816F-6B2DC5FEA18E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows-nt:xp:*:x32:*:*:*:*:*",
              "matchCriteriaId": "EEC92A11-2DA9-45B0-8887-876126DA6940",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:pro:*:*:*:*:*",
              "matchCriteriaId": "26CF0F23-E9B6-415F-868A-C883EF11F389",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*",
              "matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:panda:panda_antivirus_and_firewall:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4D1D99A-22AA-4FC6-ADEF-2759EB96CF5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:panda:panda_internet_security:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "045DD35A-DBE0-412F-AEE0-CA333328A59D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory."
    },
    {
      "lang": "es",
      "value": "El dispositivo cpoint.sys driver en Panda Internet Security 2008 y Antivirus+ Firewall 2008 permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema o kernel panic), sobrescribir memoria o ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una petici\u00f3n IOCTL manipulada que dispara una escritura en memoria fuera de l\u00edmite."
    }
  ],
  "id": "CVE-2008-1471",
  "lastModified": "2024-11-21T00:44:37.097",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-03-24T22:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29311"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/489292/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28150"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1019568"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.trapkit.de/advisories/TKADV2008-001.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0801/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29311"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/489292/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/28150"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www.trapkit.de/advisories/TKADV2008-001.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0801/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41079"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory. Panda Internet Security/Antivirus+Firewall 2008 is prone to a vulnerability that allows local attackers to corrupt kernel memory. This vulnerability occurs because the application fails to sufficiently validate IOCTL requests. ----------------------------------------------------------------------

A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.

Download and test it today: https://psi.secunia.com/

Read more about this new version: https://psi.secunia.com/?page=changelog

TITLE: Panda Products cpoint.sys Privilege Escalation Vulnerabilities

SECUNIA ADVISORY ID: SA29311

VERIFY ADVISORY: http://secunia.com/advisories/29311/

CRITICAL: Less critical

IMPACT: Privilege escalation, DoS

WHERE: Local system

SOFTWARE: Panda Internet Security 2008 http://secunia.com/product/17681/ Panda Antivirus + Firewall 2008 http://secunia.com/product/17905/

DESCRIPTION: Tobias Klein has reported some vulnerabilities in Panda products, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.

Input validation errors in the cpoint.sys driver when handling certain IOCTL requests (e.g.

The vulnerabilities affect the following products: * Panda Internet Security 2008 * Panda Antivirus + Firewall 2008

SOLUTION: Apply hotfix.

Panda Internet Security 2008 (hfp120801s1.exe): http://www.pandasecurity.com/resources/sop/Platinum2008/hfp120801s1.exe

Panda Antivirus + Firewall 2008 (hft70801s1.exe): http://www.pandasecurity.com/resources/sop/PAVF08/hft70801s1.exe

PROVIDED AND/OR DISCOVERED BY: Tobias Klein

ORIGINAL ADVISORY: Panda: http://www.pandasecurity.com/homeusers/support/card?id=41337&idIdioma=2&ref=ProdExp http://www.pandasecurity.com/homeusers/support/card?id=41231&idIdioma=2&ref=ProdExp

http://www.trapkit.de/advisories/TKADV2008-001.txt

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200803-0457",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "panda",
        "version": "2008"
      },
      {
        "model": "antivirus and firewall",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "panda",
        "version": "2008"
      },
      {
        "model": "antivirus and firewall",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "panda security",
        "version": "2008"
      },
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "panda security",
        "version": "2008"
      },
      {
        "model": "windows-nt",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "xp"
      },
      {
        "model": "windows 2000",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "pro"
      },
      {
        "model": "windows-nt",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "vista"
      },
      {
        "model": "windows vista",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "x64"
      },
      {
        "model": "windows xp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "x64"
      },
      {
        "model": "antivirus firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "panda",
        "version": "+2008"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "28150"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004255"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-1471"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-380"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:*:pro:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows-nt:vista:*:x32:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows-nt:xp:*:x32:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:panda:panda_antivirus_and_firewall:2008:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:panda:panda_internet_security:2008:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-1471"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Discovery is credited to Tobias Klein.",
    "sources": [
      {
        "db": "BID",
        "id": "28150"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-380"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2008-1471",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": true,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.2,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2008-1471",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-31596",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2008-1471",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200803-380",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-31596",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-31596"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004255"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-1471"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-380"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory. Panda Internet Security/Antivirus+Firewall 2008 is prone to a vulnerability that allows local attackers to corrupt kernel memory. This vulnerability occurs because the application fails to sufficiently validate IOCTL requests. ----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nPanda Products cpoint.sys Privilege Escalation Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA29311\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/29311/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nPrivilege escalation, DoS\n\nWHERE:\nLocal system\n\nSOFTWARE:\nPanda Internet Security 2008\nhttp://secunia.com/product/17681/\nPanda Antivirus + Firewall 2008\nhttp://secunia.com/product/17905/\n\nDESCRIPTION:\nTobias Klein has reported some vulnerabilities in Panda products,\nwhich can be exploited by malicious, local users to cause a DoS\n(Denial of Service) or gain escalated privileges. \n\nInput validation errors in the cpoint.sys driver when handling\ncertain IOCTL requests (e.g. \n\nThe vulnerabilities affect the following products:\n* Panda Internet Security 2008\n* Panda Antivirus + Firewall 2008\n\nSOLUTION:\nApply hotfix. \n\nPanda Internet Security 2008 (hfp120801s1.exe):\nhttp://www.pandasecurity.com/resources/sop/Platinum2008/hfp120801s1.exe\n\nPanda Antivirus + Firewall 2008 (hft70801s1.exe):\nhttp://www.pandasecurity.com/resources/sop/PAVF08/hft70801s1.exe\n\nPROVIDED AND/OR DISCOVERED BY:\nTobias Klein\n\nORIGINAL ADVISORY:\nPanda:\nhttp://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp\nhttp://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp\n\nhttp://www.trapkit.de/advisories/TKADV2008-001.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-1471"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004255"
      },
      {
        "db": "BID",
        "id": "28150"
      },
      {
        "db": "VULHUB",
        "id": "VHN-31596"
      },
      {
        "db": "PACKETSTORM",
        "id": "64344"
      }
    ],
    "trust": 2.07
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-31596",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-31596"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2008-1471",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "28150",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "29311",
        "trust": 1.8
      },
      {
        "db": "SECTRACK",
        "id": "1019568",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2008-0801",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004255",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-380",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "41079",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20080308 [TKADV2008-001] PANDA INTERNET SECURITY/ANTIVIRUS+FIREWALL 2008 CPOINT.SYS KERNEL DRIVER MEMORY CORRUPTION VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "31363",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-31596",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "64344",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-31596"
      },
      {
        "db": "BID",
        "id": "28150"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004255"
      },
      {
        "db": "PACKETSTORM",
        "id": "64344"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-1471"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-380"
      }
    ]
  },
  "id": "VAR-200803-0457",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-31596"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T14:06:40.865000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "20080306 41337 EN",
        "trust": 0.8,
        "url": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026ididioma=2\u0026ref=prodexp"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004255"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-399",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-31596"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004255"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-1471"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www.trapkit.de/advisories/tkadv2008-001.txt"
      },
      {
        "trust": 2.0,
        "url": "http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026ididioma=2\u0026ref=prodexp"
      },
      {
        "trust": 2.0,
        "url": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026ididioma=2\u0026ref=prodexp"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/28150"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id?1019568"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/29311"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/489292/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2008/0801/references"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41079"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1471"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1471"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/41079"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/489292/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2008/0801/references"
      },
      {
        "trust": 0.1,
        "url": "http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026amp;ididioma=2\u0026amp;ref=prodexp"
      },
      {
        "trust": 0.1,
        "url": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026amp;ididioma=2\u0026amp;ref=prodexp"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/17905/"
      },
      {
        "trust": 0.1,
        "url": "http://www.pandasecurity.com/resources/sop/platinum2008/hfp120801s1.exe"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/?page=changelog"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://www.pandasecurity.com/resources/sop/pavf08/hft70801s1.exe"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/17681/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/29311/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-31596"
      },
      {
        "db": "BID",
        "id": "28150"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004255"
      },
      {
        "db": "PACKETSTORM",
        "id": "64344"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-1471"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-380"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-31596"
      },
      {
        "db": "BID",
        "id": "28150"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004255"
      },
      {
        "db": "PACKETSTORM",
        "id": "64344"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-1471"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-380"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-03-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-31596"
      },
      {
        "date": "2008-03-08T00:00:00",
        "db": "BID",
        "id": "28150"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-004255"
      },
      {
        "date": "2008-03-12T17:55:23",
        "db": "PACKETSTORM",
        "id": "64344"
      },
      {
        "date": "2008-03-24T22:44:00",
        "db": "NVD",
        "id": "CVE-2008-1471"
      },
      {
        "date": "2008-03-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200803-380"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-31596"
      },
      {
        "date": "2015-05-07T17:32:00",
        "db": "BID",
        "id": "28150"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-004255"
      },
      {
        "date": "2018-10-11T20:34:56.347000",
        "db": "NVD",
        "id": "CVE-2008-1471"
      },
      {
        "date": "2008-09-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200803-380"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "28150"
      },
      {
        "db": "PACKETSTORM",
        "id": "64344"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-380"
      }
    ],
    "trust": 1.0
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Panda Internet Security Such as  cpoint.sys Service disruption in drivers  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004255"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200803-380"
      }
    ],
    "trust": 0.6
  }
}

ghsa-38mc-jpfh-xh7r

Vulnerability from github

Published

2022-05-01 23:40

Modified

2022-05-01 23:40

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-1471"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-03-24T22:44:00Z",
    "severity": "HIGH"
  },
  "details": "The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory.",
  "id": "GHSA-38mc-jpfh-xh7r",
  "modified": "2022-05-01T23:40:29Z",
  "published": "2022-05-01T23:40:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1471"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41079"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29311"
    },
    {
      "type": "WEB",
      "url": "http://www.pandasecurity.com/homeusers/support/card?id=41231\u0026idIdioma=2\u0026ref=ProdExp"
    },
    {
      "type": "WEB",
      "url": "http://www.pandasecurity.com/homeusers/support/card?id=41337\u0026idIdioma=2\u0026ref=ProdExp"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/489292/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/28150"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1019568"
    },
    {
      "type": "WEB",
      "url": "http://www.trapkit.de/advisories/TKADV2008-001.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0801/references"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2008-1471

Vulnerability from cvelistv5

gsd-2008-1471

Vulnerability from gsd

cve-2008-1471

Vulnerability from fkie_nvd

var-200803-0457

Vulnerability from variot

ghsa-38mc-jpfh-xh7r

Vulnerability from github

Tags

Sightings

Nomenclature