CVE Vulnerability

CVE-2007-5587

Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild.

6.9 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.4 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://blog.48bits.com/?p=172 Exploit
http://www.reversemode.com/index.php?option=com_mamblog&Itemid=15&task=show&action=view&id=43&Itemid=15
http://www.symantec.com/enterprise/security_response/weblog/2007/10/privilege_escalation_exploit_i.html
http://www.microsoft.com/technet/security/advisory/944653.mspx
http://www.securityfocus.com/bid/26121
http://www.securitytracker.com/id?1018833
http://secunia.com/advisories/27285
http://securityreason.com/securityalert/3266
http://www.us-cert.gov/cas/techalerts/TA07-345A.html US Government Resource
http://osvdb.org/41429
http://www.vupen.com/english/advisories/2007/3537
https://exchange.xforce.ibmcloud.com/vulnerabilities/37284
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4584
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-067
http://www.securityfocus.com/archive/1/485268/100/0/threaded
http://www.securityfocus.com/archive/1/482482/100/0/threaded
http://www.securityfocus.com/archive/1/482474/100/0/threaded
Configurations

Configuration 1
Information

Published : 2007-10-19 09:17

Updated : 2018-10-15 09:45

NVD link : CVE-2007-5587

Mitre link : CVE-2007-5587

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-264