An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 184.108.40.2064. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability.
Sophos HitmanPro.Alert is prone to the following security vulnerabilities: 1. An information-disclosure vulnerability 2. A local privilege-escalation vulnerability An attacker can leverage these issues to obtain sensitive information and gain elevated privileges. Failed exploit attempts may result in a denial of service condition. Sophos HitmanPro.Alert is 220.127.116.114 is vulnerable; other versions may also be affected.
Updates are available. Please see the references or vendor advisory for more information.
Exploit codes are available; please see the references for more information.