K7 Anti-Virus Plus Privilege Escalation Vulnerability Feb15 (Windows) Network Vulnerability

Summary

The host is installed with K7 Anti-Virus Plus and is prone to privilege escalation vulnerability.

Impact

Successful exploitation will allow a local attacker to write controlled data to any memory location and execute code with kernel-level privileges. Impact Level: System

Solution

Upgrade to K7 Anti-Virus Plus version 14.2.0.253 or later, For updates refer to http://www.k7computing.co.uk

Insight

The flaw is due to a write-what-where flaw in K7Sentry.sys in K7 Computing products that is triggered when handling certain IOCTL calls.

Affected

K7 Anti-Virus Plus before 14.2.0.253 on Windows.

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.org/113007
http://packetstormsecurity.com/files/130246/
http://www.exploit-db.com/exploits/35992/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-9643

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities-01 Jan15 (Windows)
Adobe Air Multiple Vulnerabilities - December12 (Windows)
Adobe Air Multiple Vulnerabilities -01 August 12 (Mac OS X)
Adobe AIR Multiple Vulnerabilities -01 Feb13 (Windows)
Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)

Take action and discover your vulnerabilities