Vulnerability CVE-2013-0109
Published: 2013-04-08

Description:
The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or cause a denial of service (memory overwrite) via a crafted application.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Nvidia (nvsvc) Display Driver Service Local Privilege Escalation
Peter Wintersmit...
17.12.2013

Type:

CWE-264

 (Permissions, Privileges, and Access Controls)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Nvidia -> Display driver 

 References:
http://www.kb.cert.org/vuls/id/957036
http://www.nvidia.com/object/product-security.html
Copyright 2024, cxsecurity.com

 

Back to Top