Lucene search

MitreCVE-2014-8608

HistoryDec 12, 2014 - 3:59 p.m.

CVE-2014-8608

2014-12-1215:59:12

mitre

web.nvd.nist.gov

cve-2014-8608

k7sentry.sys

k7av sentry device driver

denial of service

null pointer dereference

security vulnerability

nvd

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.3

Confidence

High

EPSS

Percentile

9.8%

JSON

The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to cause a denial of service (NULL pointer dereference) as demonstrated by a filename containing “crashme$$”.

Affected configurations

Nvd

Node

k7computingk7av_sentry_device_driverRange≤12.8.0.118

VendorProductVersionCPE
k7computingk7av_sentry_device_driver*cpe:2.3:a:k7computing:k7av_sentry_device_driver:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
k7computing	k7av_sentry_device_driver	*	cpe:2.3:a:k7computing:k7av_sentry_device_driver::::::::

References

packetstormsecurity.com/files/129470/K7-Computing-Multiple-Products-Null-Pointer-Dereference.html

seclists.org/fulldisclosure/2014/Dec/45

www.securityfocus.com/bid/71615

www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8608/

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.3

Confidence

High

EPSS

Percentile

9.8%

JSON

Related for CVE-2014-8608