SafeDisc Secdrv.SYS Local Privilege Escalation Vulnerability
BID:17070
Info
SafeDisc Secdrv.SYS Local Privilege Escalation Vulnerability
| Bugtraq ID: | 17070 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 11 2006 12:00AM |
| Updated: | Mar 14 2006 01:05AM |
| Credit: | The person who discovered this vulnerability wishes to remain anonymous. |
| Vulnerable: |
Macrovision Safedisc 0 |
| Not Vulnerable: | |
Discussion
SafeDisc Secdrv.SYS Local Privilege Escalation Vulnerability
SafeDisc is prone to a local privilege-escalation vulnerability. This issue is due to the failure of the application to restrict access to the configuration parameters of an installed service.
This vulnerability allows local attackers to execute arbitrary malicious code with SYSTEM-level privileges, facilitating the complete compromise of affected computers.
SafeDisc is prone to a local privilege-escalation vulnerability. This issue is due to the failure of the application to restrict access to the configuration parameters of an installed service.
This vulnerability allows local attackers to execute arbitrary malicious code with SYSTEM-level privileges, facilitating the complete compromise of affected computers.
Exploit / POC
SafeDisc Secdrv.SYS Local Privilege Escalation Vulnerability
An exploit is not required.
An exploit is not required.
Solution / Fix
SafeDisc Secdrv.SYS Local Privilege Escalation Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
References
SafeDisc Secdrv.SYS Local Privilege Escalation Vulnerability
References:
References: