Vulnerability Details CVE-2008-0779
The fortimon.sys device driver in Fortinet FortiClient Host Security 3.0 MR5 Patch 3 and earlier does not properly initialize its DeviceExtension, which allows local users to access kernel memory and execute arbitrary code via a crafted request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.9%
CVSS Severity
CVSS v2 Score 7.2
References
- http://kc.forticare.com/default.asp?id=3618
- http://secunia.com/advisories/28975
- http://securityreason.com/securityalert/3660
- http://www.reversemode.com/index.php?option=com_mamblog&Itemid=15&task=show&action=view&id=47&Itemid=15
- http://www.securityfocus.com/archive/1/488071/100/0/threaded
- http://www.securityfocus.com/bid/27776
- http://www.securitytracker.com/id?1019415
- http://www.vupen.com/english/advisories/2008/0541/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40512
- http://kc.forticare.com/default.asp?id=3618
- http://secunia.com/advisories/28975
- http://securityreason.com/securityalert/3660
- http://www.reversemode.com/index.php?option=com_mamblog&Itemid=15&task=show&action=view&id=47&Itemid=15
- http://www.securityfocus.com/archive/1/488071/100/0/threaded
- http://www.securityfocus.com/bid/27776
- http://www.securitytracker.com/id?1019415
- http://www.vupen.com/english/advisories/2008/0541/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40512
Products affected by CVE-2008-0779
-
cpe:2.3:h:fortinet:forticlient_host_security:*