Vulnerability Details : CVE-2014-8608
Potential exploit
The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to cause a denial of service (NULL pointer dereference) as demonstrated by a filename containing "crashme$$".
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2014-8608
- cpe:2.3:a:k7computing:k7av_sentry_device_driver:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-8608
0.16%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 34 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-8608
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.9
|
MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C |
3.9
|
6.9
|
NIST |
References for CVE-2014-8608
-
http://seclists.org/fulldisclosure/2014/Dec/45
Full Disclosure: CVE-2014-8608 - Null Pointer Dereference In K7 Computing Multiple Products [K7Sentry.sys]Exploit
-
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8608/
CVE-2014-8608 | K7 Computing Multiple Product Null Pointer DereferenceExploit
-
http://www.securityfocus.com/bid/71615
K7 Computing K7Sentry.sys CVE-2014-8608 NULL Pointer Dereference Denial of Service Vulnerability
-
http://packetstormsecurity.com/files/129470/K7-Computing-Multiple-Products-Null-Pointer-Dereference.html
K7 Computing Multiple Products Null Pointer Dereference ≈ Packet StormExploit
Jump to