Search
Find a vulnerability
Search criteria
2 vulnerabilities found for Lenovo System Update by Lenovo Group Ltd.
CVE-2018-9063 (GCVE-0-2018-9063)
Vulnerability from nvd – Published: 2018-05-04 16:00 – Updated: 2024-09-16 20:12
VLAI
Summary
MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as execution of arbitrary code. No additional privilege is granted to the attacker beyond what is already possessed to run MapDrv.
Severity
No CVSS data available.
CWE
- Buffer overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104125 | vdb-entryx_refsource_BID |
| https://support.lenovo.com/us/en/solutions/LEN-19625 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo Group Ltd. | Lenovo System Update |
Affected:
Earlier than 5.07.0072
|
Date Public
2018-05-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104125",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104125"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-19625"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Lenovo System Update",
"vendor": "Lenovo Group Ltd.",
"versions": [
{
"status": "affected",
"version": "Earlier than 5.07.0072"
}
]
}
],
"datePublic": "2018-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MapDrv (C:\\Program Files\\Lenovo\\System Update\\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program\u0027s buffer, causing undefined behaviors, such as execution of arbitrary code. No additional privilege is granted to the attacker beyond what is already possessed to run MapDrv."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01.000Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"name": "104125",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104125"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-19625"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2018-05-03T00:00:00",
"ID": "CVE-2018-9063",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Lenovo System Update",
"version": {
"version_data": [
{
"version_value": "Earlier than 5.07.0072"
}
]
}
}
]
},
"vendor_name": "Lenovo Group Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MapDrv (C:\\Program Files\\Lenovo\\System Update\\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program\u0027s buffer, causing undefined behaviors, such as execution of arbitrary code. No additional privilege is granted to the attacker beyond what is already possessed to run MapDrv."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104125",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104125"
},
{
"name": "https://support.lenovo.com/us/en/solutions/LEN-19625",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/solutions/LEN-19625"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2018-9063",
"datePublished": "2018-05-04T16:00:00.000Z",
"dateReserved": "2018-03-27T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:12:36.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9063 (GCVE-0-2018-9063)
Vulnerability from cvelistv5 – Published: 2018-05-04 16:00 – Updated: 2024-09-16 20:12
VLAI
Summary
MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as execution of arbitrary code. No additional privilege is granted to the attacker beyond what is already possessed to run MapDrv.
Severity
No CVSS data available.
CWE
- Buffer overflow
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104125 | vdb-entryx_refsource_BID |
| https://support.lenovo.com/us/en/solutions/LEN-19625 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo Group Ltd. | Lenovo System Update |
Affected:
Earlier than 5.07.0072
|
Date Public
2018-05-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104125",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104125"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-19625"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Lenovo System Update",
"vendor": "Lenovo Group Ltd.",
"versions": [
{
"status": "affected",
"version": "Earlier than 5.07.0072"
}
]
}
],
"datePublic": "2018-05-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MapDrv (C:\\Program Files\\Lenovo\\System Update\\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program\u0027s buffer, causing undefined behaviors, such as execution of arbitrary code. No additional privilege is granted to the attacker beyond what is already possessed to run MapDrv."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01.000Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"name": "104125",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104125"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/solutions/LEN-19625"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2018-05-03T00:00:00",
"ID": "CVE-2018-9063",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Lenovo System Update",
"version": {
"version_data": [
{
"version_value": "Earlier than 5.07.0072"
}
]
}
}
]
},
"vendor_name": "Lenovo Group Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MapDrv (C:\\Program Files\\Lenovo\\System Update\\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program\u0027s buffer, causing undefined behaviors, such as execution of arbitrary code. No additional privilege is granted to the attacker beyond what is already possessed to run MapDrv."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104125",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104125"
},
{
"name": "https://support.lenovo.com/us/en/solutions/LEN-19625",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/solutions/LEN-19625"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2018-9063",
"datePublished": "2018-05-04T16:00:00.000Z",
"dateReserved": "2018-03-27T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:12:36.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}