Vulnerabilities > CVE-2010-2308 - Local Security vulnerability in Anti-Virus Small Business Edition
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function.
Vulnerable Configurations
Nessus
| NASL family | Windows |
| NASL id | SOPHOS_7_6_20.NASL |
| description | According to its version number, the Sophos Anti-Virus installation on the remote Windows host is affected by a local privilege escalation vulnerability. A local attacker, exploiting this flaw, could execute arbitrary code in kernel mode and thereby gain complete control of the affected system. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 46860 |
| published | 2010-06-10 |
| reporter | This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/46860 |
| title | Sophos Anti-Virus SAVOnAccessFilter Local Privilege Escalation |
References
- http://dvlabs.tippingpoint.com/advisory/TPTI-10-03
- http://secunia.com/advisories/40085
- http://www.securityfocus.com/archive/1/511773/100/0/threaded
- http://www.securitytracker.com/id?1024089
- http://www.sophos.com/support/knowledgebase/article/111126.html
- http://www.vupen.com/english/advisories/2010/1412