CVE-2008-6000 - The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populat

CVE-2008-6000

Summary

The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service (system crash) or gain privileges via a crafted IOCTL request, as demonstrated by execution of the KeSetEvent function with modified register contents. Per http://trapkit.de/advisories/TKADV2008-008.txt Upgrade to G DATA AntiVirus/InternetSecurity/TotalCare 2009. http://www.gdata.de/

References

Vulnerable Configurations

cpe:2.3:a:gdata:antivirus_2008:*:*:*:*:*:*:*:*
cpe:2.3:a:gdata:antivirus_2008:*:*:*:*:*:*:*:*
cpe:2.3:a:gdata:internetsecurity_2008:*:*:*:*:*:*:*:*
cpe:2.3:a:gdata:internetsecurity_2008:*:*:*:*:*:*:*:*
cpe:2.3:a:gdata:totalcare_2008:*:*:*:*:*:*:*:*
cpe:2.3:a:gdata:totalcare_2008:*:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 08-08-2017 - 01:33)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	31246
misc	http://trapkit.de/advisories/TKADV2008-008.txt
secunia	31941
vupen	ADV-2008-2636
xf	gdata-gdtdiicpt-privilege-escalation(45249)

Last major update

08-08-2017 - 01:33

Published

28-01-2009 - 15:30

Last modified

08-08-2017 - 01:33