CVE-2007-5587

medium

Description

Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild.

References

http://blog.48bits.com/?p=172

http://osvdb.org/41429

http://secunia.com/advisories/27285

http://securityreason.com/securityalert/3266

http://www.microsoft.com/technet/security/advisory/944653.mspx

http://www.reversemode.com/index.php?option=com_mamblog&Itemid=15&task=show&action=view&id=43&Itemid=15

http://www.securityfocus.com/archive/1/482474/100/0/threaded

http://www.securityfocus.com/archive/1/482482/100/0/threaded

http://www.securityfocus.com/archive/1/485268/100/0/threaded

http://www.securityfocus.com/bid/26121

http://www.securitytracker.com/id?1018833

http://www.symantec.com/enterprise/security_response/weblog/2007/10/privilege_escalation_exploit_i.html

http://www.us-cert.gov/cas/techalerts/TA07-345A.html

http://www.vupen.com/english/advisories/2007/3537

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-067

https://exchange.xforce.ibmcloud.com/vulnerabilities/37284

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4584

Details

Source: MITRE

Published: 2007-10-19

Updated: 2018-10-15

Type: CWE-119

Risk Information

CVSS v2

Base Score: 6.9

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.4

Severity: MEDIUM

Tenable Plugins

ID | Name | Product | Family | Severity
29311 | MS07-067: Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653) | Nessus | Windows : Microsoft Bulletins | medium
28185 | Macrovision SafeDisc secdrv.sys Crafted METHOD_NEITHER IOCTL Local Overflow | Nessus | Windows | medium