Summary
This host is installed with Panda Global Protection and is prone to heap based buffer overflow vulnerability.
Impact
Successful exploitation will allow attackers
to cause a heap-based buffer overflow by sending a specially crafted IOCTL request and execute arbitrary code on the system with kernel-level privileges.
Impact Level: System/Application
Solution
Apply the hotfix 'hft131306s24_r1'.
For more details refer link, http://www.pandasecurity.com
NOTE: Please ignore the warning if the update is already applied.
Insight
Flaw exist due to improper bounds checking
by the PavTPK.sys kernel mode driver.
Affected
Panda Global Protection 2014 7.01.01
Detection
Get the installed version with the help
of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-5307 -
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player Buffer Overflow Vulnerability (Mac OS X)
- CA eTrust PestPatrol Anti-Spyware 'ppctl.dll' ActiveX Control BOF Vulnerability
- Adobe Flash Professional JPG Object Processing BOF Vulnerability (Mac OS X)
- Apache APR and APR-util Multiple Integer Overflow Vulnerabilities
- avast! 'aswRdr.sys' Buffer Overflow Vulnerability