Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0779

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-0779
Last Modified 11 Jul 2011 12:00:00
Published 14 Feb 2008 07:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-0779

Summary

The fortimon.sys device driver in Fortinet FortiClient Host Security 3.0 MR5 Patch 3 and earlier does not properly initialize its DeviceExtension, which allows local users to access kernel memory and execute arbitrary code via a crafted request.

Vulnerable Systems


References

XF - forticlient-fortimon-privilege-escalation(40512)

VUPEN - ADV-2008-0541

SECTRACK - 1019415

BID - 27776

BUGTRAQ - 20080213 [Reversemode Advisory] February Advisories : Microsoft Word 2003 + Fortinet Forticlient

MISC - http://www.reversemode.com/index.php?option=com_mamblog&Itemid=15&task=show&action=view&id=47&Itemid=15

SREASON - 3660

SECUNIA - 28975

CONFIRM - http://kc.forticare.com/default.asp?id=3618


Last Updated: 27 May 2016 10:46:56