CVE-2007-3681

Опубликовано: 11 июл. 2007

Источник: nvd

CVSS2: 6.6

EPSS Низкий

Описание

The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters.

Ссылки

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550
http://osvdb.org/37889
http://secunia.com/advisories/25982
Patch
Vendor Advisory
http://securitytracker.com/id?1018350
http://www.securityfocus.com/archive/1/473270/100/0/threaded
http://www.securityfocus.com/archive/1/473297/100/0/threaded
http://www.securityfocus.com/archive/1/473301/100/0/threaded
http://www.securityfocus.com/bid/24829
Patch
http://www.vupen.com/english/advisories/2007/2468
http://www.winpcap.org/misc/changelog.htm
https://exchange.xforce.ibmcloud.com/vulnerabilities/35309
https://www.exploit-db.com/exploits/4165
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550
http://osvdb.org/37889
http://secunia.com/advisories/25982
Patch
Vendor Advisory
http://securitytracker.com/id?1018350
http://www.securityfocus.com/archive/1/473270/100/0/threaded
http://www.securityfocus.com/archive/1/473297/100/0/threaded
http://www.securityfocus.com/archive/1/473301/100/0/threaded
http://www.securityfocus.com/bid/24829
Patch

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:winpcap:winpcap:3.1:*:*:*:*:*:*:*

cpe:2.3:a:winpcap:winpcap:4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 27%

0.00096

Низкий

6.6 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-c5xf-xf94-3jc3

github

почти 4 года назад