en

Multiple Panda products Multiple Vulnerability

ID: IRCAD2015073991
Release Date: 2015-07-11
Software:
1.0.0.13 (PSKMAD.sys driver version)
Description:
Panda Kernel Memory Access Driver does not validate the size of data to be copied to both an allocated kernel paged pool buffer and to an allocated non-paged pool buffer. Furthermore, the attacker has control over the start-to-copy index regarding the non-paged pool buffer which allows an attacker to corrupt a kernel object with more precision, and control the EIP via a hijacked function pointer. Version 1.0.0.13 is affected.
Solution
Upgarde to latest version.
References:

The Wall

No comments
You need to sign in to comment