Required CVE Record Information
Description
The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service (system crash) or gain privileges via a crafted IOCTL request, as demonstrated by execution of the KeSetEvent function with modified register contents.
References 5 Total
- exchange.xforce.ibmcloud.com: gdata-gdtdiicpt-privilege-escalation(45249) vdb-entry
- secunia.com: 31941 third-party-advisory
- http://trapkit.de/advisories/TKADV2008-008.txt
- securityfocus.com: 31246 vdb-entry
- vupen.com: ADV-2008-2636 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- exchange.xforce.ibmcloud.com: gdata-gdtdiicpt-privilege-escalation(45249) vdb-entryx_transferred
- secunia.com: 31941 third-party-advisoryx_transferred
- http://trapkit.de/advisories/TKADV2008-008.txt x_transferred
- securityfocus.com: 31246 vdb-entryx_transferred
- vupen.com: ADV-2008-2636 vdb-entryx_transferred