Back to search
CVE-2008-6000
Published: Jan 28, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service (system crash) or gain privileges via a crafted IOCTL request, as demonstrated by execution of the KeSetEvent function with modified register contents.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
gdata-gdtdiicpt-privilege-escalation(45249)
vdb-entry
x_refsource_XF
31941
third-party-advisory
x_refsource_SECUNIA
http://trapkit.de/advisories/TKADV2008-008.txt
x_refsource_MISC
31246
vdb-entry
x_refsource_BID
ADV-2008-2636
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now