Podatność CVE-2014-4971


Publikacja: 2014-07-26

Opis:
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Med.
Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation
Matt Bergin of K...
22.07.2014
Med.
Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation
Matt Bergin of K...
22.07.2014
Med.
MQAC.sys Arbitrary Write Privilege Escalation
Spencer
25.07.2014
Med.
Microsoft Bluetooth Personal Area Networking Privilege Escalation
Jay Smith
16.10.2014

Typ:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
7.2/10
10/10
3.9/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Lokalny
Niska
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Pełny
Pełny
Pełny
Affected software
Microsoft -> Windows xp 

 Referencje:
http://blogs.technet.com/b/srd/archive/2014/10/14/accessing-risk-for-the-october-2014-security-updates.aspx
http://packetstormsecurity.com/files/127535/Microsoft-XP-SP3-BthPan.sys-Arbitrary-Write-Privilege-Escalation.html
http://packetstormsecurity.com/files/127536/Microsoft-XP-SP3-MQAC.sys-Arbitrary-Write-Privilege-Escalation.html
http://packetstormsecurity.com/files/128674/Microsoft-Bluetooth-Personal-Area-Networking-BthPan.sys-Privilege-Escalation.html
http://seclists.org/fulldisclosure/2014/Jul/96
http://seclists.org/fulldisclosure/2014/Jul/97
http://www.exploit-db.com/exploits/34112
http://www.exploit-db.com/exploits/34131
http://www.exploit-db.com/exploits/34982
http://www.securityfocus.com/archive/1/532843/100/0/threaded
http://www.securityfocus.com/archive/1/532844/100/0/threaded
http://www.securityfocus.com/bid/68764
http://www.securitytracker.com/id/1031025
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-062
https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt
https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt

Copyright 2021, cxsecurity.com

 

Back to Top