CVE-2014-7136 - OpenCVE

Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
K7computing	K7firewall Packet Driver

Configuration 1 [-]

cpe:2.3:a:k7computing:k7firewall_packet_driver:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html
http://seclists.org/fulldisclosure/2014/Dec/47
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-12-12T15:00:00

Updated: 2024-08-06T12:40:18.997Z

Reserved: 2014-09-21T00:00:00

Link: CVE-2014-7136

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2014-12-12T15:59:07.073

Modified: 2014-12-15T19:50:07.737

Link: CVE-2014-7136

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-12-10T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-12-12T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/"}, {"name": "20141210 CVE-2014-7136 - Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys]", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2014/Dec/47"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-7136", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/", "refsource": "MISC", "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/"}, {"name": "20141210 CVE-2014-7136 - Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys]", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2014/Dec/47"}, {"name": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T12:40:18.997Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/"}, {"name": "20141210 CVE-2014-7136 - Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys]", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2014/Dec/47"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-7136", "datePublished": "2014-12-12T15:00:00", "dateReserved": "2014-09-21T00:00:00", "dateUpdated": "2024-08-06T12:40:18.997Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:k7computing:k7firewall_packet_driver:*:*:*:*:*:*:*:*", "matchCriteriaId": "6700DDA2-8494-4B64-B402-DB1C83E24675", "versionEndIncluding": "14.0.1.15", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call."}, {"lang": "es", "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en el controlador del modo de kernel K7FWFilt.sys (tambi\u00e9n conocido como K7Firewall Packet Driver) anterior a 14.0.1.16, utilizado en m\u00faltiples productos de K7 Computing, permite a usuarios locales ejecutar c\u00f3digo arbitrario con privilegios de kernel a trav\u00e9s de un par\u00e1metro manipulado en una llamada API DeviceIoControl."}], "id": "CVE-2014-7136", "lastModified": "2014-12-15T19:50:07.737", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-12-12T15:59:07.073", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://seclists.org/fulldisclosure/2014/Dec/47"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}