An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an unprivileged attacker can run arbitrary code in the kernel.
References
Link | Resource |
---|---|
https://github.com/Elvin9/NotSecDrv/blob/master/README.md | Exploit Third Party Advisory |
https://github.com/Elvin9/NotSecDrv/blob/master/README.md | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 04:11
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/Elvin9/NotSecDrv/blob/master/README.md - Exploit, Third Party Advisory |
Information
Published : 2018-02-26 20:29
Updated : 2024-11-21 04:11
NVD link : CVE-2018-7249
Mitre link : CVE-2018-7249
CVE.ORG link : CVE-2018-7249
JSON object : View
Products Affected
microsoft
- windows_8.1
- windows_vista
- windows_7
- windows_8
tivo
- safedisc