CVE-2008-1471
Published Mar 24, 2008
Last updated 6 years ago
Overview
- Description
- The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-399
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows-nt:vista:*:x32:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8C7E0F58-4948-4785-816F-6B2DC5FEA18E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows-nt:xp:*:x32:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "EEC92A11-2DA9-45B0-8887-876126DA6940"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:pro:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "26CF0F23-E9B6-415F-868A-C883EF11F389"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1DD1D5ED-FE7C-4ADF-B3AF-1F13E51B4FB5"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "ACF75FC8-095A-4EEA-9A41-C27CFF3953FB"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:panda:panda_antivirus_and_firewall:2008:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4D1D99A-22AA-4FC6-ADEF-2759EB96CF5A"
},
{
"criteria": "cpe:2.3:a:panda:panda_internet_security:2008:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "045DD35A-DBE0-412F-AEE0-CA333328A59D"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]