iDefense Security Advisory 11.06.07 - Local exploitation of a design error vulnerability in Microsoft's DebugView could allow attackers to execute arbitrary kernel code. As part of its design, DebugView loads a kernel module Dbgv.sys. This module includes functionality that can be abused to copy user supplied data into the kernel, to controlled addresses. This allows malicious users to inject arbitrary code into the running kernel. iDefense confirmed the existence of this vulnerability in Microsoft DebugView version 4.64. The specific file version of Dbgv.sys is 4.60.0.0. This file is deleted automatically after being loaded and will not be found on disk. Previous versions are suspected to be vulnerable as well.
0b00f9045bac936d268732de36b5e66cbcf489bf0fd354410de4b492a97276f0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed