exploitDog

CVE-2010-4502

Опубликовано: 08 дек. 2010

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite Plus 2010 allows local users to cause a denial of service (pool corruption) and execute arbitrary code via crafted arguments to the 0x88000080 IOCTL, which triggers a buffer overflow.

Ссылки

http://secunia.com/advisories/42267
Vendor Advisory
http://www.exploit-db.com/exploits/15624
Exploit
http://www.securitytracker.com/id?1024808
http://www.vupen.com/english/advisories/2010/3070
Vendor Advisory
http://secunia.com/advisories/42267
Vendor Advisory
http://www.exploit-db.com/exploits/15624
Exploit
http://www.securitytracker.com/id?1024808
http://www.vupen.com/english/advisories/2010/3070
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ca:internet_security_suite_plus_2010:*:*:*:*:*:*:*:*

EPSS

Процентиль: 41%

0.00188

Низкий

7.2 High

CVSS2

Дефекты

CWE-189

Связанные уязвимости

GHSA-cg8x-876m-56f7

github

больше 3 лет назад

Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite Plus 2010 allows local users to cause a denial of service (pool corruption) and execute arbitrary code via crafted arguments to the 0x88000080 IOCTL, which triggers a buffer overflow.

EPSS

Процентиль: 41%

0.00188

Низкий

7.2 High

CVSS2

Дефекты

CWE-189