CVEDB API

Vulnerability Details CVE-2014-8956

Stack-based buffer overflow in the K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.9%

CVSS Severity

CVSS v2 Score 7.2

References

http://packetstormsecurity.com/files/129472/K7-Computing-Multiple-Products-K7Sentry.sys-Out-Of-Bounds-Write.html
http://seclists.org/fulldisclosure/2014/Dec/46
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8956/
http://packetstormsecurity.com/files/129472/K7-Computing-Multiple-Products-K7Sentry.sys-Out-Of-Bounds-Write.html
http://seclists.org/fulldisclosure/2014/Dec/46
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8956/

Products affected by CVE-2014-8956

K7computing » K7av Sentry Device Driver » Version: 12.8.0.118

cpe:2.3:a:k7computing:k7av_sentry_device_driver:12.8.0.118

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-8956

Products

Pricing

Contact Us