NVIDIA Graphics Driver 340.x < 341.92 / 352.x < 354.35 / 358.x < 358.87 Multiple Vulnerabilities

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host is affected by multiple vulnerabilities.

Description :

The version of the NVIDIA graphics driver installed on the remote
Windows host is 340.x prior to 341.92, 352.x prior to 354.35, or 358.x
prior to 358.87. It is, therefore, affected by multiple
vulnerabilities :

- A privilege escalation vulnerability exists in the
Stereoscopic 3D Driver Service due to improper
restriction of access to the 'stereosvrpipe' named pipe.
An adjacent attacker can exploit this to execute
arbitrary command line arguments, resulting in an
escalation of privileges. (CVE-2015-7865)

- A privilege escalation vulnerability exists due to an
unquoted Windows search path issue in the Smart Maximize
Helper (nvSmartMaxApp.exe). A local attacker can exploit
this to escalate privileges. (CVE-2015-7866)

- Multiple privilege escalation vulnerabilities exist in
the NVAPI support layer due to multiple unspecified
integer overflow conditions in the underlying kernel
mode driver. A local attacker can exploit these issues
to gain access to uninitialized or out-of-bounds memory,
resulting in an escalation of privileges.
(CVE-2015-7869, CVE-2015-8328)

See also :

https://nvidia.custhelp.com/app/answers/detail/a_id/3806
https://nvidia.custhelp.com/app/answers/detail/a_id/3807
https://nvidia.custhelp.com/app/answers/detail/a_id/3808

Solution :

Upgrade to video driver version 341.92 / 354.35 / 358.87 or later.

Risk factor :

High / CVSS Base Score : 7.7
(CVSS2#AV:A/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 6.4
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 87412 ()

Bugtraq ID: 83873

CVE ID: CVE-2015-7865
CVE-2015-7866
CVE-2015-7869
CVE-2015-8328

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now