CVE-2017-7441 in SurfRight HitmanProinfo

Zusammenfassung

von MITRE

In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak occurs at the driver level, an attacker can use this vulnerability to leak some critical information about the machine such as nt!ExpPoolQuotaCookie.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

05.04.2017

Veröffentlichung

13.09.2017

Moderieren

akzeptiert

Eintrag

VDB-106552

CPE

bereit

CWE

CWE-119 (bestätigt)

CVSS

7.8 (NVD)

EPSS

0.00032

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-7441
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-7441
CVE Details	https://www.cvedetails.com/cve/CVE-2017-7441/

◂ Zurück Übersicht Weiter ▸

Interested in the pricing of exploits?

See the underground prices here!