Vulnerabilities > CVE-2007-4785 - Security Bypass vulnerability in Micro Vault Fingerprint Access Software
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
sony
Summary
Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash drives, installs a driver that hides a directory under %WINDIR%, which might allow remote attackers to bypass malware detection by placing files in this directory.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://hiltont.blogspot.com/2007/08/sony-rootkit-version-2.html
- http://observed.de/?entnum=101
- http://securityreason.com/securityalert/3118
- http://www.computerdefense.org/?p=380
- http://www.f-secure.com/weblog/archives/archive-082007.html#00001263
- http://www.f-secure.com/weblog/archives/archive-082007.html#00001266
- http://www.securityfocus.com/archive/1/478149/100/0/threaded
- http://www.securityfocus.com/archive/1/478315/100/0/threaded
- http://www.securityfocus.com/archive/1/478357/100/0/threaded
- http://www.securityfocus.com/archive/1/478365/100/0/threaded