CVE-2016-1493

Sažetak

Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file.

Reference

http://packetstormsecurity.com/files/135314/Intel-Driver-Update-Utility-2.2.0.5-Man-In-The-Middle.html
http://seclists.org/fulldisclosure/2016/Jan/56
http://www.coresecurity.com/advisories/intel-driver-update-utility-mitm
http://www.securityfocus.com/archive/1/537327/100/0/threaded
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00048&languageid=en-fr

CVSS

Base:	7.6
Impact:	10.0
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:H/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

09-10-2018 - 19:59

Objavljeno

29-01-2016 - 20:59