Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4580

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2007-4580
Last Modified 15 Nov 2008 01:57:37
Published 28 Aug 2007 02:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-4580

Summary

Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by sending a small buffer size value to the FsSetVolumeInformation IOCTL handler code with a FsSetDirectoryInformation subcode containing a large buffer.

Vulnerable Systems

Application

  • Trustware Bufferzone 2.1

  • Trustware Bufferzone 2.5


References

XF - bufferzone-redlight-privilege-escalation(36278)

BUGTRAQ - 20070824 Security vulnerability in BufferZone 2.5

SECUNIA - 26608

OSVDB - 39154

SREASON - 3071


Last Updated: 27 May 2016 10:45:54