CVE-2014-4971

Sažetak

Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.

Reference

http://blogs.technet.com/b/srd/archive/2014/10/14/accessing-risk-for-the-october-2014-security-updates.aspx
http://packetstormsecurity.com/files/127535/Microsoft-XP-SP3-BthPan.sys-Arbitrary-Write-Privilege-Escalation.html
http://packetstormsecurity.com/files/127536/Microsoft-XP-SP3-MQAC.sys-Arbitrary-Write-Privilege-Escalation.html
http://packetstormsecurity.com/files/128674/Microsoft-Bluetooth-Personal-Area-Networking-BthPan.sys-Privilege-Escalation.html
http://seclists.org/fulldisclosure/2014/Jul/96
http://seclists.org/fulldisclosure/2014/Jul/97
http://secunia.com/advisories/60974
http://www.exploit-db.com/exploits/34112
http://www.exploit-db.com/exploits/34131
http://www.exploit-db.com/exploits/34982
http://www.osvdb.org/109387
http://www.securityfocus.com/archive/1/532843/100/0/threaded
http://www.securityfocus.com/archive/1/532844/100/0/threaded
http://www.securityfocus.com/bid/68764
http://www.securitytracker.com/id/1031025
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-062
https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt
https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

12-10-2018 - 22:07

Objavljeno

26-07-2014 - 15:55