Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5587

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2007-5587
Last Modified 07 Mar 2011 10:00:58
Published 19 Oct 2007 05:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5587

Summary

Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild.

Vulnerable Systems

Application

  • Macrovision Safedisc


References

CERT - TA07-345A

XF - windows-secdrv-bo(37284)

VUPEN - ADV-2007-3537

MISC - http://www.symantec.com/enterprise/security_response/weblog/2007/10/privilege_escalation_exploit_i.html

SECTRACK - 1018833

BID - 26121

HP - SSRT071506

BUGTRAQ - 20071018 [CORRECTED] Microsoft Windows XP SP2/2003 - Macrovision SecDrv.sys privilege escalation (0day)

BUGTRAQ - 20071017 Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day)

MISC - http://www.reversemode.com/index.php?option=com_mamblog&Itemid=15&task=show&action=view&id=43&Itemid=15

MS - MS07-067

MSKB - 944653

SREASON - 3266

SECUNIA - 27285

OSVDB - 41429

MISC - http://blog.48bits.com/?p=172

HP - HPSBST02299


Last Updated: 27 May 2016 10:46:13