CVE-2017-6178

Опубликовано: 20 мар. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

The IofCallDriver function in USBPcap 1.1.0.0 allows local users to gain privileges via a crafted 0x00090028 IOCTL call, which triggers a NULL pointer dereference.

Ссылки

http://packetstormsecurity.com/files/141526/USBPcap-1.1.0.0-Privilege-Escalation.html
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/97026
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/41542/
Exploit
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/141526/USBPcap-1.1.0.0-Privilege-Escalation.html
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/97026
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/41542/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:usbpcap_project:usbpcap:1.1.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 31%

0.00114

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

GHSA-9573-wpfg-j5fh