CVE-2014-9643
Description
K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
K7 Computing (Multiple Products) - Arbitrary Write Privilege Escalation
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| k7computing | k7sentry.sys | {"endIncluding":"12.8.0.117"} | |
| k7computing | anti-virus_plus | {"endIncluding":"14.2.0.252"} | |
| k7computing | total_security | {"endIncluding":"14.2.0.252"} | |
| k7computing | ultimate_security | {"endIncluding":"14.2.0.252"} | |
References
- http://packetstormsecurity.com/files/130246/K7-Computing-14.2.0.240-Privilege-Escalation.html
- http://www.exploit-db.com/exploits/35992
- http://www.greyhathacker.net/?p=818
- http://www.osvdb.org/113007
- http://packetstormsecurity.com/files/130246/K7-Computing-14.2.0.240-Privilege-Escalation.html
- http://www.exploit-db.com/exploits/35992
- http://www.greyhathacker.net/?p=818
- http://www.osvdb.org/113007
CWEs
CWE-264
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.