CVE-2014-7136

Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html	Exploit
http://seclists.org/fulldisclosure/2014/Dec/47	Exploit
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/	Exploit

Configurations

Configuration 1 (hide)

cpe:2.3:a:k7computing:k7firewall_packet_driver:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-12-12 15:59

Updated : 2024-02-04 18:35

NVD link : CVE-2014-7136

Mitre link : CVE-2014-7136

CVE.ORG link : CVE-2014-7136

JSON object : View

Products Affected

k7computing

k7firewall_packet_driver

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2014-7136", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-12-12T15:59:07.073", "references": [{"url": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2014/Dec/47", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/", "tags": ["Exploit"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call."}, {"lang": "es", "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en el controlador del modo de kernel K7FWFilt.sys (tambi\u00e9n conocido como K7Firewall Packet Driver) anterior a 14.0.1.16, utilizado en m\u00faltiples productos de K7 Computing, permite a usuarios locales ejecutar c\u00f3digo arbitrario con privilegios de kernel a trav\u00e9s de un par\u00e1metro manipulado en una llamada API DeviceIoControl."}], "lastModified": "2014-12-15T19:50:07.737", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:k7computing:k7firewall_packet_driver:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6700DDA2-8494-4B64-B402-DB1C83E24675", "versionEndIncluding": "14.0.1.15"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}