GEAR Software CD DVD Filter Driver 'GEARAspiWDM.sys' Local Privilege Escalation Vulnerability

BID:31089

Info

GEAR Software CD DVD Filter Driver 'GEARAspiWDM.sys' Local Privilege Escalation Vulnerability

Bugtraq ID: 31089
Class: Boundary Condition Error
CVE: CVE-2008-3636
Remote: No
Local: Yes
Published: Sep 09 2008 12:00AM
Updated: Oct 08 2008 06:08PM
Credit: Ruben Santamarta of Wintercore
Vulnerable: Symantec Norton Save and Restore 2.0
Symantec Norton Ghost 14.0
Symantec Norton Ghost 13.0
Symantec Norton Ghost 12.0
Symantec Norton Ghost 10.1
Symantec Norton Ghost 10.0
Symantec Norton 360 2.0
Symantec Norton 360 1.0
Symantec LiveState Recovery 6.02
Symantec LiveState Recovery 6.01
Symantec LiveState Recovery 6.0
Symantec Backup Exec System Recovery Manager 8.0.2
Symantec Backup Exec System Recovery Manager 8.0.1
Symantec Backup Exec System Recovery Manager 8.0
Symantec Backup Exec System Recovery Manager 7.0.4
Symantec Backup Exec System Recovery Manager 7.0.3
Symantec Backup Exec System Recovery Manager 7.0.2
Symantec Backup Exec System Recovery Manager 7.0.1
Symantec Backup Exec System Recovery Manager 7.0
Symantec Backup Exec System Recovery Manager 6.0
GEAR Software GEAR Driver 0
eSignal eSignal 6.0.2
Apple iTunes 7.3.2
Apple iTunes 7.3.1
Apple iTunes 7.3
Apple iTunes 7.0.2
Apple iTunes 6.0.5
Apple iTunes 6.0.4
Apple iTunes 6.0.3
Apple iTunes 6.0.1
Apple iTunes 6.0
Apple iTunes 7.4
Not Vulnerable: GEAR Software GEAR Driver 4.1.7
Apple iTunes 8.0

Discussion

GEAR Software CD DVD Filter Driver 'GEARAspiWDM.sys' Local Privilege Escalation Vulnerability

GEAR Software CD DVD Filter driver ('GEARAspiWDM.sys') is prone to a local privilege-escalation vulnerability caused by an integer-overflow issue.

Local attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will cause a denial-of-service condition.

GEAR Software CD DVD filter driver is used by the following products:

Apple ITunes prior to 8.0
Norton 360 2.0 and prior
Norton Ghost 14 and prior
Norton Save and Restore 2.0 and prior
Backup Exec System Recovery 6, 7, and 8
Symantec LiveState Recovery

NOTE: This BID was previously titled 'Apple iTunes Third Party Driver Local Privilege Escalation Vulnerability', but new information has allowed us to update the BID to better reflect the root cause of the issue.

Exploit / POC

GEAR Software CD DVD Filter Driver 'GEARAspiWDM.sys' Local Privilege Escalation Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

GEAR Software CD DVD Filter Driver 'GEARAspiWDM.sys' Local Privilege Escalation Vulnerability

Solution:
The vendor has released an update. Please see the references for more information.


GEAR Software GEAR Driver 0

Apple iTunes 7.4

Symantec Norton 360 1.0

Symantec Norton Ghost 10.1

Symantec Backup Exec System Recovery Manager 6.0

Symantec Norton Save and Restore 2.0

Symantec Backup Exec System Recovery Manager 7.0

Symantec Norton Ghost 14.0

Symantec Norton 360 2.0

Symantec Norton Ghost 10.0

Symantec LiveState Recovery 6.0

Symantec LiveState Recovery 6.01

Symantec LiveState Recovery 6.02

Symantec Norton Ghost 12.0

Symantec Norton Ghost 13.0

Apple iTunes 6.0

Apple iTunes 6.0.1

eSignal eSignal 6.0.2

Apple iTunes 6.0.3

Apple iTunes 6.0.4

Apple iTunes 6.0.5

Symantec Backup Exec System Recovery Manager 7.0.1

Apple iTunes 7.0.2

Symantec Backup Exec System Recovery Manager 7.0.2

Symantec Backup Exec System Recovery Manager 7.0.3

Symantec Backup Exec System Recovery Manager 7.0.4

Apple iTunes 7.3

Apple iTunes 7.3.1

Apple iTunes 7.3.2

Symantec Backup Exec System Recovery Manager 8.0

Symantec Backup Exec System Recovery Manager 8.0.1

Symantec Backup Exec System Recovery Manager 8.0.2

References

GEAR Software CD DVD Filter Driver 'GEARAspiWDM.sys' Local Privilege Escalation Vulnerability

References:
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report