Vulnerabilities > CVE-2007-4223 - Local Privilege Escalation vulnerability in Microsoft Sysinternals Debugview 4.71
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Dbgv.sys in Microsoft Sysinternals DebugView before 4.72 provides an unspecified mechanism for copying data into kernel memory, which allows local users to gain privileges via unspecified vectors.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 26359 CVE(CAN) ID: CVE-2007-4223 DebugView允许用户监控本地系统或可通过TCP/IP访问的网络中计算机上的调试输出。 DebugView所加载的Dbgv.sys内核模块中的功能可能允许将用户提供的数据拷贝到内核中可控的地址,这样恶意用户就可以向运行的内核中注入任意代码。 如果要利用这个漏洞,管理员必须加载DebugView,这样才会将Dbgv.sys驱动加载到内核,然后所有用户在系统重启之前都可以访问有漏洞的内核模块。 Microsoft DebugView 4.64 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href="http://download.sysinternals.com/Files/DebugView.zip" target="_blank">http://download.sysinternals.com/Files/DebugView.zip</a> |
| id | SSV:2396 |
| last seen | 2017-11-19 |
| modified | 2007-11-08 |
| published | 2007-11-08 |
| reporter | Root |
| title | Microsoft DebugView Dbgv.sys内核模块本地权限升漏洞 |