CVE-2007-5756

Sažetak

Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625
http://secunia.com/advisories/27676
http://www.securityfocus.com/bid/26409
http://www.securitytracker.com/id?1018935
http://www.vupen.com/english/advisories/2007/3835
http://www.winpcap.org/misc/changelog.htm
https://exchange.xforce.ibmcloud.com/vulnerabilities/38433

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

09-02-2024 - 03:13

Objavljeno

14-11-2007 - 01:46