CVE-2018-3971 - An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of S

CVE-2018-3971

Summary

An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP request to trigger this vulnerability.

References

https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0636
http://www.securityfocus.com/bid/105743

Vulnerable Configurations

cpe:2.3:a:sophos:hitmanpro.alert:3.7.6.744:*:*:*:*:*:*:*
cpe:2.3:a:sophos:hitmanpro.alert:3.7.6.744:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 02-02-2023 - 13:43)
Impact:
Exploitability:

CWE

CWE-123

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	105743
misc	https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0636

Last major update

02-02-2023 - 13:43

Published

25-10-2018 - 18:29

Last modified

02-02-2023 - 13:43