CVE-2014-7136 - OpenCVE

Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
K7computing	K7firewall Packet Driver

Configuration 1 [-]

cpe:2.3:a:k7computing:k7firewall_packet_driver:*:*:*:*:*:*:*:*

References

Link	Resource
http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html	Exploit
http://seclists.org/fulldisclosure/2014/Dec/47	Exploit
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/	Exploit

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2014-12-12T15:00:00

Updated: 2014-12-12T13:57:01

Reserved: 2014-09-21T00:00:00

Link: CVE-2014-7136

JSON object: View

NVD Information

Status : Analyzed

Published: 2014-12-12T15:59:07.073

Modified: 2014-12-15T19:50:07.737

Link: CVE-2014-7136

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-12-10T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-12-12T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/"}, {"name": "20141210 CVE-2014-7136 - Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys]", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2014/Dec/47"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-7136", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/", "refsource": "MISC", "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/"}, {"name": "20141210 CVE-2014-7136 - Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys]", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2014/Dec/47"}, {"name": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-7136", "datePublished": "2014-12-12T15:00:00", "dateReserved": "2014-09-21T00:00:00", "dateUpdated": "2014-12-12T13:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:k7computing:k7firewall_packet_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "6700DDA2-8494-4B64-B402-DB1C83E24675", "versionEndIncluding": "14.0.1.15", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call."}, {"lang": "es", "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en el controlador del modo de kernel K7FWFilt.sys (tambi\u00e9n conocido como K7Firewall Packet Driver) anterior a 14.0.1.16, utilizado en m\u00faltiples productos de K7 Computing, permite a usuarios locales ejecutar c\u00f3digo arbitrario con privilegios de kernel a trav\u00e9s de un par\u00e1metro manipulado en una llamada API DeviceIoControl."}], "id": "CVE-2014-7136", "lastModified": "2014-12-15T19:50:07.737", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-12-12T15:59:07.073", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://seclists.org/fulldisclosure/2014/Dec/47"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}