mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
96 lines
3.0 KiB
JSON
96 lines
3.0 KiB
JSON
{
|
|
"id": "CVE-2014-4974",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2014-11-04T16:55:06.450",
|
|
"lastModified": "2017-08-29T01:35:10.453",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory via crafted IOCTL calls."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "El controlador del modo de kernel del filtro ESET Personal Firewall NDIS (EpFwNdis.sys), tambi\u00e9n conocido como el m\u00f3dulo Personal Firewall anterior a Build 1212 (20140609), utilizado en m\u00faltiples productos ESET 5.0 hasta 7.0, permite a usuarios locales obtener informaci\u00f3n sensible de la memoria del kernel a trav\u00e9s de llamadas IOCTL manipuladas."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "LOCAL",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 2.1
|
|
},
|
|
"baseSeverity": "LOW",
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-200"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eset:personal_firewall_ndis_filter:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "1183_\\(20140214\\)",
|
|
"matchCriteriaId": "A967F15F-3EFC-46F7-AE31-AF77E44F36BE"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://packetstormsecurity.com/files/128874/ESET-7.0-Kernel-Memory-Leak.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://seclists.org/fulldisclosure/2014/Oct/118",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/70770",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98312",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4974/",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |