exploitDog

CVE-2018-15499

Опубликовано: 24 авг. 2018

Источник: nvd

CVSS3: 4.7

CVSS2: 4.7

EPSS Низкий

Описание

GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users to cause a denial of service (Race Condition and BSoD on Windows) by not checking that user-mode memory is available right before writing to it. A check is only performed at the beginning of a long subroutine.

Ссылки

https://downwithup.github.io/CVEPosts.html
Exploit
Third Party Advisory
https://github.com/DownWithUp/CVE-2018-15499
Exploit
Third Party Advisory
https://downwithup.github.io/CVEPosts.html
Exploit
Third Party Advisory
https://github.com/DownWithUp/CVE-2018-15499
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gearsoftware:gearaspiwdm:2.2.5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00727

Низкий

4.7 Medium

CVSS3

4.7 Medium

CVSS2

Дефекты

CWE-362

Связанные уязвимости

GHSA-cjf3-2xc5-qx57

CVSS3: 4.7

github

больше 3 лет назад

GEAR Software products that include GEARAspiWDM.sys, 2.2.5.0, allow local users to cause a denial of service (Race Condition and BSoD on Windows) by not checking that user-mode memory is available right before writing to it. A check is only performed at the beginning of a long subroutine.

EPSS

Процентиль: 72%

0.00727

Низкий

4.7 Medium

CVSS3

4.7 Medium

CVSS2

Дефекты

CWE-362