Vulnerabilities > CVE-2008-6000 - Resource Management Errors vulnerability in Gdata products
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service (system crash) or gain privileges via a crafted IOCTL request, as demonstrated by execution of the KeSetEvent function with modified register contents. Per http://trapkit.de/advisories/TKADV2008-008.txt Upgrade to G DATA AntiVirus/InternetSecurity/TotalCare 2009. http://www.gdata.de/
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |