QwikSec

Security Database

CVE

CWE

Training

CVE-2014-7136

Published: Dec 12, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/

x_refsource_MISC

20141210 CVE-2014-7136 - Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys]

mailing-list

x_refsource_FULLDISC

http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.