CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-6000

The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service (system crash) or gain privileges via a crafted IOCTL request, as demonstrated by execution of the KeSetEvent function with modified register contents.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.0%

CVSS Severity

CVSS v2 Score 7.2

References

http://secunia.com/advisories/31941
http://trapkit.de/advisories/TKADV2008-008.txt
http://www.securityfocus.com/bid/31246
http://www.vupen.com/english/advisories/2008/2636
https://exchange.xforce.ibmcloud.com/vulnerabilities/45249
http://secunia.com/advisories/31941
http://trapkit.de/advisories/TKADV2008-008.txt
http://www.securityfocus.com/bid/31246
http://www.vupen.com/english/advisories/2008/2636
https://exchange.xforce.ibmcloud.com/vulnerabilities/45249

Products affected by CVE-2008-6000

Gdata » Antivirus 2008 » Version: Any

cpe:2.3:a:gdata:antivirus_2008:*
Gdata » Internetsecurity 2008 » Version: Any

cpe:2.3:a:gdata:internetsecurity_2008:*
Gdata » Totalcare 2008 » Version: Any

cpe:2.3:a:gdata:totalcare_2008:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-6000

Products

Pricing

Contact Us