Lucene search

[email protected]CVE-2008-7211

HistorySep 11, 2009 - 4:30 p.m.

CVE-2008-7211

2009-09-1116:30:00

[email protected]

web.nvd.nist.gov

cve-2008-7211

ensoniq pci 1371 sound cards

audio driver vulnerability

windows vista

security vulnerability

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

CreativeLabs es1371mp.sys 5.1.3612.0 WDM audio driver, as used in Ensoniq PCI 1371 sound cards and when running on Windows Vista, does not create a Functional Device Object (FDO) to prevent user-moade access to the Physical Device Object (PDO), which allows local users to gain SYSTEM privileges via a crafted IRP request that dereferences a NULL FsContext pointer.

Affected configurations

NVD

Node

soundblasterensoniq_pci_es1371_wdm_driverMatch5.1.3612.0

AND

microsoftwindows_vista

CPENameOperatorVersion
soundblaster:ensoniq_pci_es1371_wdm_driversoundblaster ensoniq pci es1371 wdm drivereq5.1.3612.0

CPE	Name	Operator	Version
soundblaster:ensoniq_pci_es1371_wdm_driver	soundblaster ensoniq pci es1371 wdm driver	eq	5.1.3612.0

References

www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=54

www.securityfocus.com/archive/1/485848/100/200/threaded

www.securityfocus.com/bid/27179

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2008-7211

cvelist1 nvd1 prion1