CVE-2014-7136

Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call.
Configurations

Configuration 1 (hide)

cpe:2.3:a:k7computing:k7firewall_packet_driver:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:16

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html - Exploit () http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html - Exploit
References () http://seclists.org/fulldisclosure/2014/Dec/47 - Exploit () http://seclists.org/fulldisclosure/2014/Dec/47 - Exploit
References () https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/ - Exploit () https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/ - Exploit

Information

Published : 2014-12-12 15:59

Updated : 2024-11-21 02:16


NVD link : CVE-2014-7136

Mitre link : CVE-2014-7136

CVE.ORG link : CVE-2014-7136


JSON object : View

Products Affected

k7computing

  • k7firewall_packet_driver
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer