The fortimon.sys device driver in Fortinet FortiClient Host Security 3.0 MR5 Patch 3 and earlier does not properly initialize its DeviceExtension, which allows local users to access kernel memory and execute arbitrary code via a crafted request.
References
Configurations
History
21 Nov 2024, 00:42
Type | Values Removed | Values Added |
---|---|---|
References | () http://kc.forticare.com/default.asp?id=3618 - | |
References | () http://secunia.com/advisories/28975 - Vendor Advisory | |
References | () http://securityreason.com/securityalert/3660 - | |
References | () http://www.reversemode.com/index.php?option=com_mamblog&Itemid=15&task=show&action=view&id=47&Itemid=15 - | |
References | () http://www.securityfocus.com/archive/1/488071/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/27776 - | |
References | () http://www.securitytracker.com/id?1019415 - | |
References | () http://www.vupen.com/english/advisories/2008/0541/references - Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/40512 - |
Information
Published : 2008-02-14 12:00
Updated : 2024-11-21 00:42
NVD link : CVE-2008-0779
Mitre link : CVE-2008-0779
CVE.ORG link : CVE-2008-0779
JSON object : View
Products Affected
fortinet
- forticlient_host_security
CWE
CWE-264
Permissions, Privileges, and Access Controls