VAR-200810-0061

Vulnerability from variot - Updated: 2023-12-18 12:46

Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo Rescue and Recovery 4.20, including 4.20.0511 and 4.20.0512, allows local users to execute arbitrary code via a long file name. Lenovo Rescue and Recovery is prone to a heap-based overflow vulnerability. A successful exploit of this vulnerability can allow a local attacker to completely compromise the affected computer. Lenovo Rescue and Recover 4.20 is vulnerable. Lenovo Rescue and Recovery is a one-click disaster recovery solution developed by Lenovo in China. The tvtumon.sys driver used by Lenovo Rescue and Recovery monitors file creation and changes. The latest queries are cached in the kernel lookaside list. If an overlong file name is sent to the file system, the buffer in the lookaside list will overflow, resulting in kernel memory corruption. A low-privilege user can trigger this destruction from userland, elevating privileges to perform kernel operations. It is also possible to trigger this overflow through web pages in the special case of web browser plugins that allow opening extremely long filenames. ----------------------------------------------------------------------

Do you need accurate and reliable IDS / IPS / AV detection rules?

Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/


TITLE: Lenovo Rescue and Recovery "tvtumon.sys" Privilege Escalation

SECUNIA ADVISORY ID: SA32252

VERIFY ADVISORY: http://secunia.com/advisories/32252/

CRITICAL: Less critical

IMPACT: Privilege escalation

WHERE: Local system

SOFTWARE: Lenovo Rescue and Recovery 4.x http://secunia.com/advisories/product/20143/

DESCRIPTION: A vulnerability has been reported in Lenovo Rescue and Recovery, which potentially can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to a boundary error within the "tvtumin.sys" kernel driver when processing overly long file names.

The vulnerability is reported in version 4.20.0512 for Windows Vista and 4.20.0511 for Windows XP and 2000.

SOLUTION: Update to version 4.21. http://www-307.ibm.com/pc/support/site.wss/MIGR-4Q2QAK.html

PROVIDED AND/OR DISCOVERED BY: Chris Clark and Rachel Engel, iSEC Partners

ORIGINAL ADVISORY: iSEC Partners: https://www.isecpartners.com/advisories/2008-02-lenovornr.txt

Lenovo: http://www-307.ibm.com/pc/support/site.wss/MIGR-70699.html http://www-307.ibm.com/pc/support/site.wss/MIGR-4Q2QAK.html


About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200810-0061",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "resuce and recovery",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lenovo",
        "version": "4.20.0512"
      },
      {
        "model": "resuce and recovery",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lenovo",
        "version": "4.20.0511"
      },
      {
        "model": "resuce and recovery",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "lenovo",
        "version": "4.20"
      },
      {
        "model": "resuce and recovery",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "lenovo",
        "version": "4.20.0511 previous  4.20"
      },
      {
        "model": "resuce and recovery",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "lenovo",
        "version": "and  4.20.0512"
      },
      {
        "model": "rescue and recovery",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "lenovo",
        "version": "4.20"
      },
      {
        "model": "rescue and recovery",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "lenovo",
        "version": "4.21"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "31737"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004952"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-4589"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200810-284"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:resuce_and_recovery:4.20.0511:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:resuce_and_recovery:4.20.0512:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:lenovo:resuce_and_recovery:4.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-4589"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Chris Clark\u203b cclark@isecpartners.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200810-284"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2008-4589",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.2,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2008-4589",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-34714",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2008-4589",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200810-284",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-34714",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-34714"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004952"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-4589"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200810-284"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo Rescue and Recovery 4.20, including 4.20.0511 and 4.20.0512, allows local users to execute arbitrary code via a long file name. Lenovo Rescue and Recovery is prone to a heap-based overflow vulnerability. \nA successful exploit of this vulnerability can allow a local attacker to completely compromise the affected computer. \nLenovo Rescue and Recover 4.20 is vulnerable. Lenovo Rescue and Recovery is a one-click disaster recovery solution developed by Lenovo in China. The tvtumon.sys driver used by Lenovo Rescue and Recovery monitors file creation and changes. The latest queries are cached in the kernel lookaside list. If an overlong file name is sent to the file system, the buffer in the lookaside list will overflow, resulting in kernel memory corruption. A low-privilege user can trigger this destruction from userland, elevating privileges to perform kernel operations. It is also possible to trigger this overflow through web pages in the special case of web browser plugins that allow opening extremely long filenames. ----------------------------------------------------------------------\n\nDo you need accurate and reliable IDS / IPS / AV detection rules?\n\nGet in-depth vulnerability details:\nhttp://secunia.com/binary_analysis/sample_analysis/\n\n----------------------------------------------------------------------\n\nTITLE:\nLenovo Rescue and Recovery \"tvtumon.sys\" Privilege Escalation\n\nSECUNIA ADVISORY ID:\nSA32252\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/32252/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nPrivilege escalation\n\nWHERE:\nLocal system\n\nSOFTWARE:\nLenovo Rescue and Recovery 4.x\nhttp://secunia.com/advisories/product/20143/\n\nDESCRIPTION:\nA vulnerability has been reported in Lenovo Rescue and Recovery,\nwhich potentially can be exploited by malicious, local users to gain\nescalated privileges. \n\nThe vulnerability is caused due to a boundary error within the\n\"tvtumin.sys\" kernel driver when processing overly long file names. \n\nThe vulnerability is reported in version 4.20.0512 for Windows Vista\nand 4.20.0511 for Windows XP and 2000. \n\nSOLUTION:\nUpdate to version 4.21. \nhttp://www-307.ibm.com/pc/support/site.wss/MIGR-4Q2QAK.html\n\nPROVIDED AND/OR DISCOVERED BY:\nChris Clark and Rachel Engel, iSEC Partners\n\nORIGINAL ADVISORY:\niSEC Partners:\nhttps://www.isecpartners.com/advisories/2008-02-lenovornr.txt\n\nLenovo:\nhttp://www-307.ibm.com/pc/support/site.wss/MIGR-70699.html\nhttp://www-307.ibm.com/pc/support/site.wss/MIGR-4Q2QAK.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-4589"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004952"
      },
      {
        "db": "BID",
        "id": "31737"
      },
      {
        "db": "VULHUB",
        "id": "VHN-34714"
      },
      {
        "db": "PACKETSTORM",
        "id": "70923"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2008-4589",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "31737",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "32252",
        "trust": 1.8
      },
      {
        "db": "SECTRACK",
        "id": "1021041",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2008-2806",
        "trust": 1.7
      },
      {
        "db": "SREASON",
        "id": "4421",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004952",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "45839",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20081010 ISEC PARTNERS SECURITY ADVISORY - 2008-002-LENOVORNR - LENOVO RESCUE AND RECOVERY 4.20",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200810-284",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-34714",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "70923",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-34714"
      },
      {
        "db": "BID",
        "id": "31737"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004952"
      },
      {
        "db": "PACKETSTORM",
        "id": "70923"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-4589"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200810-284"
      }
    ]
  },
  "id": "VAR-200810-0061",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-34714"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:46:28.883000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Rescue and Recovery",
        "trust": 0.8,
        "url": "http://support.lenovo.com/en_us/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004952"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-34714"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004952"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-4589"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www-307.ibm.com/pc/support/site.wss/migr-70699.html"
      },
      {
        "trust": 1.8,
        "url": "http://www-307.ibm.com/pc/support/site.wss/migr-4q2qak.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.isecpartners.com/advisories/2008-02-lenovornr.txt"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/31737"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id?1021041"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/32252"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/4421"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/497277/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2008/2806"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45839"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4589"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4589"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/45839"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/497277/100/0/threaded"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2008/2806"
      },
      {
        "trust": 0.3,
        "url": "http://www.pc.ibm.com/us/think/thinkvantagetech/rescuerecovery.html"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/497277"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/binary_analysis/sample_analysis/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/32252/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/20143/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-34714"
      },
      {
        "db": "BID",
        "id": "31737"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004952"
      },
      {
        "db": "PACKETSTORM",
        "id": "70923"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-4589"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200810-284"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-34714"
      },
      {
        "db": "BID",
        "id": "31737"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004952"
      },
      {
        "db": "PACKETSTORM",
        "id": "70923"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-4589"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200810-284"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-10-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-34714"
      },
      {
        "date": "2008-10-13T00:00:00",
        "db": "BID",
        "id": "31737"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-004952"
      },
      {
        "date": "2008-10-15T06:24:30",
        "db": "PACKETSTORM",
        "id": "70923"
      },
      {
        "date": "2008-10-15T22:45:31.350000",
        "db": "NVD",
        "id": "CVE-2008-4589"
      },
      {
        "date": "2008-10-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200810-284"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-34714"
      },
      {
        "date": "2015-05-07T17:22:00",
        "db": "BID",
        "id": "31737"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-004952"
      },
      {
        "date": "2018-10-11T20:52:20.807000",
        "db": "NVD",
        "id": "CVE-2008-4589"
      },
      {
        "date": "2009-01-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200810-284"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "31737"
      },
      {
        "db": "PACKETSTORM",
        "id": "70923"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200810-284"
      }
    ],
    "trust": 1.0
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Lenovo Rescue and Recovery Heap-based buffer overflow vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-004952"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200810-284"
      }
    ],
    "trust": 0.6
  }
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…