Vulnerability Details CVE-2014-9642
bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.7%
CVSS Severity
CVSS v2 Score 7.2
References
- http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html
- http://www.bullguard.com/about/release-notes.aspx
- http://www.exploit-db.com/exploits/35994
- http://www.greyhathacker.net/?p=818
- http://www.osvdb.org/114478
- http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html
- http://www.bullguard.com/about/release-notes.aspx
- http://www.exploit-db.com/exploits/35994
- http://www.greyhathacker.net/?p=818
- http://www.osvdb.org/114478
Products affected by CVE-2014-9642
-
cpe:2.3:a:bullguard:bdagent.sys:1.0.0.6
-
cpe:2.3:a:bullguard:internet_security:14.1.287
-
cpe:2.3:a:bullguard:online_backup:14.1.287
-
cpe:2.3:a:bullguard:premium_protection:14.1.287