Vulnerability Details CVE-2014-8608
The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to cause a denial of service (NULL pointer dereference) as demonstrated by a filename containing "crashme$$".
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.3%
CVSS Severity
CVSS v2 Score 4.9
References
- http://packetstormsecurity.com/files/129470/K7-Computing-Multiple-Products-Null-Pointer-Dereference.html
- http://seclists.org/fulldisclosure/2014/Dec/45
- http://www.securityfocus.com/bid/71615
- https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8608/
- http://packetstormsecurity.com/files/129470/K7-Computing-Multiple-Products-Null-Pointer-Dereference.html
- http://seclists.org/fulldisclosure/2014/Dec/45
- http://www.securityfocus.com/bid/71615
- https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8608/
Products affected by CVE-2014-8608
-
cpe:2.3:a:k7computing:k7av_sentry_device_driver:12.8.0.118