A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified FireWire/IEEE 1394 client, thus bypassing intended restrictions that would normally require greater degrees of physical access to exploit. NOTE: this was reported in 2008 to affect Windows Vista, but some Linux-based operating systems have protection mechanisms against this attack.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2004-11-16T05:00:00

Updated: 2024-08-08T00:38:59.834Z

Reserved: 2004-11-16T00:00:00

Link: CVE-2004-1038

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2005-03-01T05:00:00.000

Modified: 2018-10-19T15:30:32.257

Link: CVE-2004-1038

cve-icon Redhat

No data.