CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
19.0%
Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers.
Vendor | Product | Version | CPE |
---|---|---|---|
ca | host-based_intrusion_prevention_system | core_6.5.4.31 | cpe:2.3:a:ca:host-based_intrusion_prevention_system:core_6.5.4.31:*:*:*:*:*:*:* |
ca | host-based_intrusion_prevention_system | firewall_6.5.4.10 | cpe:2.3:a:ca:host-based_intrusion_prevention_system:firewall_6.5.4.10:*:*:*:*:*:*:* |
secunia.com/advisories/22972
www.osvdb.org/30497
www.osvdb.org/30498
www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38
www.securityfocus.com/archive/1/451952/100/0/threaded
www.securityfocus.com/archive/1/452286/100/0/threaded
www.securityfocus.com/archive/1/458040/100/200/threaded
www.securityfocus.com/bid/21140
www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729
www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818