An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 188.8.131.524. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP request to trigger this vulnerability.
Sophos HitmanPro.Alert is prone to the following security vulnerabilities: 1. An information-disclosure vulnerability 2. A local privilege-escalation vulnerability An attacker can leverage these issues to obtain sensitive information and gain elevated privileges. Failed exploit attempts may result in a denial of service condition. Sophos HitmanPro.Alert is 184.108.40.2064 is vulnerable; other versions may also be affected.
Updates are available. Please see the references or vendor advisory for more information.
Exploit codes are available; please see the references for more information.