Detections
Analytics
Sophos Anti-Virus SAVOnAccessFilter Local Privilege Escalation
high Nessus Plugin ID 46860
Language:
Synopsis
The remote Windows host has an application that is affected by a local privilege escalation vulnerability.Description
According to its version number, the Sophos Anti-Virus installation on the remote Windows host is affected by a local privilege escalation vulnerability. A local attacker, exploiting this flaw, could execute arbitrary code in kernel mode and thereby gain complete control of the affected system.Solution
Upgrade to Sophos Anti-Virus version 7.6.20, 9.0, or later.See Also
https://seclists.org/fulldisclosure/2010/Jun/193
http://www.sophos.com/support/knowledgebase/article/111126.html
Plugin Details
Severity: High
ID: 46860
File Name: sophos_7_6_20.nasl
Version: 1.12
Type: local
Agent: windows
Family: Windows
Published: 6/10/2010
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 5.3
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:sophos:sophos_anti-virus
Required KB Items: Antivirus/Sophos/installed, Antivirus/Sophos/prod_ver
Exploit Ease: No known exploits are available
Patch Publication Date: 6/9/2010
Vulnerability Publication Date: 6/9/2010
Reference Information
CVE: CVE-2010-2308
BID: 40715
Secunia: 40085