CVE-2018-19523

{"id": "CVE-2018-19523", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2019-01-03T19:29:00.757", "references": [{"url": "https://blog.securityevaluators.com/vulnerabilities-in-terramaster-tos-3-1-03-fb99cf88b86ahttps://downwithup.github.io/CVEPosts.html", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "https://downwithup.github.io/CVEPosts.html", "tags": ["Third Party Advisory"], "source": "nvd@nist.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows a user to send an IOCTL (0x80002068) with a user defined buffer size. If the size of the buffer is less than 512 bytes, then the driver will overwrite the next pool header if there is one next to the user buffer's pool."}, {"lang": "es", "value": "La versi\u00f3n 2.2015.7.14 de DriverAgent, que incluye la versi\u00f3n 1.0.0.1 de DrvAgent64.sys, permite a un usuario enviar un IOCTL (0x80002068) con un tama\u00f1o de b\u00fafer definido por el usuario. Si el tama\u00f1o de dicho b\u00fafer es inferior a 512 bytes, el controlador sobrescribir\u00e1 la pr\u00f3xima cabecera \"pool\" si hay una al lado del \"pool\" de b\u00fafer del usuario."}], "lastModified": "2019-02-08T16:24:20.687", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:driveagent:driveagent:2.2015.7.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CB63593-2233-456F-B388-73E74CE649CF"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}