Vulnerabilities > CVE-2007-4223 - Local Privilege Escalation vulnerability in Microsoft Sysinternals Debugview 4.71

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
microsoft
critical

Summary

Dbgv.sys in Microsoft Sysinternals DebugView before 4.72 provides an unspecified mechanism for copying data into kernel memory, which allows local users to gain privileges via unspecified vectors.

Vulnerable Configurations

Part Description Count
Application
Microsoft
2

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 26359 CVE(CAN) ID: CVE-2007-4223 DebugView允许用户监控本地系统或可通过TCP/IP访问的网络中计算机上的调试输出。 DebugView所加载的Dbgv.sys内核模块中的功能可能允许将用户提供的数据拷贝到内核中可控的地址,这样恶意用户就可以向运行的内核中注入任意代码。 如果要利用这个漏洞,管理员必须加载DebugView,这样才会将Dbgv.sys驱动加载到内核,然后所有用户在系统重启之前都可以访问有漏洞的内核模块。 Microsoft DebugView 4.64 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href="http://download.sysinternals.com/Files/DebugView.zip" target="_blank">http://download.sysinternals.com/Files/DebugView.zip</a>
idSSV:2396
last seen2017-11-19
modified2007-11-08
published2007-11-08
reporterRoot
titleMicrosoft DebugView Dbgv.sys内核模块本地权限升漏洞