CVE-2008-4451

The SysInspector AntiStealth driver (esiasdrv.sys) 3.0.65535.0 in ESET System Analyzer Tool 1.1.1.0 allows local users to execute arbitrary code via a certain METHOD_NEITHER IOCTL request to \Device\esiasdrv that overwrites a pointer.
Configurations

Configuration 1 (hide)

cpe:2.3:a:eset_software:system_analyzer_tool:1.1.1.0:*:*:*:*:*:*:*

History

21 Nov 2024, 00:51

Type Values Removed Values Added
References () http://securityreason.com/securityalert/4353 - () http://securityreason.com/securityalert/4353 -
References () http://www.ntinternals.org/ - Exploit () http://www.ntinternals.org/ - Exploit
References () http://www.securityfocus.com/bid/31521 - () http://www.securityfocus.com/bid/31521 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/45619 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/45619 -
References () https://www.exploit-db.com/exploits/6647 - () https://www.exploit-db.com/exploits/6647 -

Information

Published : 2008-10-06 23:25

Updated : 2024-11-21 00:51


NVD link : CVE-2008-4451

Mitre link : CVE-2008-4451

CVE.ORG link : CVE-2008-4451


JSON object : View

Products Affected

eset_software

  • system_analyzer_tool
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

CWE-264

Permissions, Privileges, and Access Controls