Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-pwhf-9w9v-x79f

Опубликовано: 14 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 7.1

Описание

Multiple integer overflows in TrueCrypt 7.1a allow local users to (1) obtain sensitive information via vectors involving a crafted item->OriginalLength value in the MainThreadProc function in EncryptedIoQueue.c or (2) cause a denial of service (memory consumption) via vectors involving large StartingOffset and Length values in the ProcessVolumeDeviceControlIrp function in Ntdriver.c.

Multiple integer overflows in TrueCrypt 7.1a allow local users to (1) obtain sensitive information via vectors involving a crafted item->OriginalLength value in the MainThreadProc function in EncryptedIoQueue.c or (2) cause a denial of service (memory consumption) via vectors involving large StartingOffset and Length values in the ProcessVolumeDeviceControlIrp function in Ntdriver.c.

Ссылки

EPSS

Процентиль: 12%
0.0004
Низкий

7.1 High

CVSS3

CVE ID

CVE-2014-2885

Дефекты

CWE-200

Связанные уязвимости

nvd логотип

CVE-2014-2885

CVSS3: 7.1
nvd
почти 8 лет назад

Multiple integer overflows in TrueCrypt 7.1a allow local users to (1) obtain sensitive information via vectors involving a crafted item->OriginalLength value in the MainThreadProc function in EncryptedIoQueue.c or (2) cause a denial of service (memory consumption) via vectors involving large StartingOffset and Length values in the ProcessVolumeDeviceControlIrp function in Ntdriver.c.

debian логотип

CVE-2014-2885

CVSS3: 7.1
debian
почти 8 лет назад

Multiple integer overflows in TrueCrypt 7.1a allow local users to (1) ...

EPSS

Процентиль: 12%
0.0004
Низкий

7.1 High

CVSS3

CVE ID

CVE-2014-2885

Дефекты

CWE-200