Vulnerability Details CVE-2017-6178
The IofCallDriver function in USBPcap 1.1.0.0 allows local users to gain privileges via a crafted 0x00090028 IOCTL call, which triggers a NULL pointer dereference.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.9%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
- http://packetstormsecurity.com/files/141526/USBPcap-1.1.0.0-Privilege-Escalation.html
- http://www.securityfocus.com/bid/97026
- https://www.exploit-db.com/exploits/41542/
- http://packetstormsecurity.com/files/141526/USBPcap-1.1.0.0-Privilege-Escalation.html
- http://www.securityfocus.com/bid/97026
- https://www.exploit-db.com/exploits/41542/
Products affected by CVE-2017-6178
-
cpe:2.3:a:usbpcap_project:usbpcap:1.1.0.0