1. CVE-Search
  2. CVE-2007-3681
ID CVE-2007-3681
Summary The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters.
References
Vulnerable Configurations
  • cpe:2.3:a:winpcap:winpcap:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:winpcap:winpcap:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:winpcap:winpcap:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:winpcap:winpcap:4.0:*:*:*:*:*:*:*
CVSS
Base: 6.6 (as of 15-10-2018 - 21:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:S/C:C/I:C/A:C
refmap via4
bid 24829
bugtraq
  • 20070709 WinPcap NPF.SYS Privilege Elevation Vulnerability
  • 20070710 Re: Re: WinPcap NPF.SYS Privilege Elevation Vulnerability
  • 20070710 Re: WinPcap NPF.SYS Privilege Elevation Vulnerability
confirm http://www.winpcap.org/misc/changelog.htm
exploit-db 4165
idefense 20070709 WinPcap NPF.SYS Local Privilege Escalation Vulnerability
osvdb 37889
sectrack 1018350
secunia 25982
vupen ADV-2007-2468
xf winpcap-npf-code-execution(35309)
Last major update 15-10-2018 - 21:29
Published 11-07-2007 - 17:30
Last modified 15-10-2018 - 21:29
Back to Top