Back to search
CVE-2010-1591
Published: Apr 28, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Beijing Rising International Rising Antivirus 2008 through 2010 does not properly validate input to certain IOCTLs, including 0x83003C07, which allows local users to gain privileges via crafted IOCTL requests to the (1) HookCont.sys, (2) HookNtos.sys, (3) HOOKREG.sys, or (4) HookSys.sys device driver; or the (5) RsNTGdi.sys kernel module, reachable through \Device\RSNTGDI.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.ntinternals.org/ntiadv0902/ntiadv0902.html
x_refsource_MISC
61946
vdb-entry
x_refsource_OSVDB
ADV-2010-0218
vdb-entry
x_refsource_VUPEN
37951
vdb-entry
x_refsource_BID
rising-antivirus-drivers-priv-escalation(55869)
vdb-entry
x_refsource_XF
38335
third-party-advisory
x_refsource_SECUNIA
http://www.ntinternals.org/ntiadv0805/ntiadv0805.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now