Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9642

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2014-9642
Last Modified 09 Feb 2015 11:09:34
Published 06 Feb 2015 10:59:10
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-9642

Summary

bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call.

Vulnerable Systems

Application

  • Bullguard Bdagent.sys 1.0.0.6

  • Bullguard Internet Security 14.1.287

  • Bullguard Online Backup 14.1.287

  • Bullguard Premium Protection 14.1.287


References

OSVDB - 114478

MISC - http://www.greyhathacker.net/?p=818

EXPLOIT-DB - 35994

CONFIRM - http://www.bullguard.com/about/release-notes.aspx

MISC - http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html


Last Updated: 27 May 2016 11:07:43