CVE-2007-5587 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-5587
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-5587

Description: Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/37284 ST 1018833 SREASON http://securityreason.com/securityalert/3266 SAID Secunia Advisory: SA27285 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4584 MSKB http://www.microsoft.com/technet/security/advisory/944653.mspx MS http://www.microsoft.com/technet/security/bulletin/ms07-067.mspx MISC http://www.symantec.com/enterprise/security_response/weblog/2007/10/privilege_escalation_exploit_i.html http://www.reversemode.com/index.php?option=com_mamblog&Itemid=15&task=show&action=view&id=43&Itemid=15 http://blog.48bits.com/?p=172 HP http://www.securityfocus.com/archive/1/archive/1/485268/100/0/threaded CERT http://www.us-cert.gov/cas/techalerts/TA07-345A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/482482/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/482474/100/0/threaded BID 26121

Return to the previous page.