Lucene search
LenovoCVELIST:CVE-2018-9063HistoryMay 03, 2018 - 12:00 a.m.
CVE-2018-9063
2018-05-0300:00:00
lenovo
www.cve.org
1
0.0004 Low
EPSS
Percentile
12.6%
MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program’s buffer, causing undefined behaviors, such as execution of arbitrary code. No additional privilege is granted to the attacker beyond what is already possessed to run MapDrv.
CNA Affected
[
{
"product": "Lenovo System Update",
"vendor": "Lenovo Group Ltd.",
"versions": [
{
"status": "affected",
"version": "Earlier than 5.07.0072"
}
]
}
]Related
vulnerlab
vulnerlab
Lenovo SU v5.07 - Buffer Overflow & Code Execution
2018-07-12 00:00:00
Lenovo SU v5.07 - Buffer Overflow & Code Execution
2018-07-12 00:00:00
nvd
nvd
CVE-2018-9063
2018-05-04 17:29:00
lenovo
lenovo
Buffer Overflow in Lenovo System Update Drive Mapping Utility - Lenovo Support US
2018-05-03 14:06:00
Buffer Overflow in Lenovo System Update Drive Mapping Utility - US
2018-05-03 14:06:00
prion
prion
Design/Logic Flaw
2018-05-04 17:29:00
cve
cve
CVE-2018-9063
2018-05-04 17:29:00
threatpost
threatpost
Lenovo Patches Arbitrary Code Execution Flaw
2018-05-07 14:14:19