Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for safedisc by macrovision

    CVE-2007-5587 (GCVE-0-2007-5587)

    Vulnerability from nvd – Published: 2007-10-19 21:00 – Updated: 2024-08-07 15:39
    VLAI
    Summary
    Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.reversemode.com/index.php?option=com_m… x_refsource_MISC
    http://blog.48bits.com/?p=172 x_refsource_MISC
    http://secunia.com/advisories/27285 third-party-advisoryx_refsource_SECUNIA
    http://www.microsoft.com/technet/security/advisor… vendor-advisoryx_refsource_MSKB
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.vupen.com/english/advisories/2007/3537 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/485268/100… vendor-advisoryx_refsource_HP
    http://www.symantec.com/enterprise/security_respo… x_refsource_MISC
    http://osvdb.org/41429 vdb-entryx_refsource_OSVDB
    http://www.us-cert.gov/cas/techalerts/TA07-345A.html third-party-advisoryx_refsource_CERT
    http://www.securityfocus.com/archive/1/482482/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/482474/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/3266 third-party-advisoryx_refsource_SREASON
    http://www.securitytracker.com/id?1018833 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/26121 vdb-entryx_refsource_BID
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    Date Public
    2007-10-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:39:13.262Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.reversemode.com/index.php?option=com_mamblog\u0026Itemid=15\u0026task=show\u0026action=view\u0026id=43\u0026Itemid=15"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blog.48bits.com/?p=172"
              },
              {
                "name": "27285",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27285"
              },
              {
                "name": "944653",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MSKB",
                  "x_transferred"
                ],
                "url": "http://www.microsoft.com/technet/security/advisory/944653.mspx"
              },
              {
                "name": "oval:org.mitre.oval:def:4584",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4584"
              },
              {
                "name": "ADV-2007-3537",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3537"
              },
              {
                "name": "SSRT071506",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/10/privilege_escalation_exploit_i.html"
              },
              {
                "name": "41429",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/41429"
              },
              {
                "name": "HPSBST02299",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
              },
              {
                "name": "TA07-345A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html"
              },
              {
                "name": "20071018 [CORRECTED] Microsoft Windows XP SP2/2003 - Macrovision SecDrv.sys privilege escalation (0day)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482482/100/0/threaded"
              },
              {
                "name": "windows-secdrv-bo(37284)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37284"
              },
              {
                "name": "20071017 Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482474/100/0/threaded"
              },
              {
                "name": "3266",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3266"
              },
              {
                "name": "1018833",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018833"
              },
              {
                "name": "26121",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26121"
              },
              {
                "name": "MS07-067",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-067"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.reversemode.com/index.php?option=com_mamblog\u0026Itemid=15\u0026task=show\u0026action=view\u0026id=43\u0026Itemid=15"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blog.48bits.com/?p=172"
            },
            {
              "name": "27285",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27285"
            },
            {
              "name": "944653",
              "tags": [
                "vendor-advisory",
                "x_refsource_MSKB"
              ],
              "url": "http://www.microsoft.com/technet/security/advisory/944653.mspx"
            },
            {
              "name": "oval:org.mitre.oval:def:4584",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4584"
            },
            {
              "name": "ADV-2007-3537",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3537"
            },
            {
              "name": "SSRT071506",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/10/privilege_escalation_exploit_i.html"
            },
            {
              "name": "41429",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/41429"
            },
            {
              "name": "HPSBST02299",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
            },
            {
              "name": "TA07-345A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html"
            },
            {
              "name": "20071018 [CORRECTED] Microsoft Windows XP SP2/2003 - Macrovision SecDrv.sys privilege escalation (0day)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482482/100/0/threaded"
            },
            {
              "name": "windows-secdrv-bo(37284)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37284"
            },
            {
              "name": "20071017 Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482474/100/0/threaded"
            },
            {
              "name": "3266",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3266"
            },
            {
              "name": "1018833",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018833"
            },
            {
              "name": "26121",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26121"
            },
            {
              "name": "MS07-067",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-067"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5587",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.reversemode.com/index.php?option=com_mamblog\u0026Itemid=15\u0026task=show\u0026action=view\u0026id=43\u0026Itemid=15",
                  "refsource": "MISC",
                  "url": "http://www.reversemode.com/index.php?option=com_mamblog\u0026Itemid=15\u0026task=show\u0026action=view\u0026id=43\u0026Itemid=15"
                },
                {
                  "name": "http://blog.48bits.com/?p=172",
                  "refsource": "MISC",
                  "url": "http://blog.48bits.com/?p=172"
                },
                {
                  "name": "27285",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27285"
                },
                {
                  "name": "944653",
                  "refsource": "MSKB",
                  "url": "http://www.microsoft.com/technet/security/advisory/944653.mspx"
                },
                {
                  "name": "oval:org.mitre.oval:def:4584",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4584"
                },
                {
                  "name": "ADV-2007-3537",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3537"
                },
                {
                  "name": "SSRT071506",
                  "refsource": "HP",
                  "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
                },
                {
                  "name": "http://www.symantec.com/enterprise/security_response/weblog/2007/10/privilege_escalation_exploit_i.html",
                  "refsource": "MISC",
                  "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/10/privilege_escalation_exploit_i.html"
                },
                {
                  "name": "41429",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/41429"
                },
                {
                  "name": "HPSBST02299",
                  "refsource": "HP",
                  "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
                },
                {
                  "name": "TA07-345A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html"
                },
                {
                  "name": "20071018 [CORRECTED] Microsoft Windows XP SP2/2003 - Macrovision SecDrv.sys privilege escalation (0day)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482482/100/0/threaded"
                },
                {
                  "name": "windows-secdrv-bo(37284)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37284"
                },
                {
                  "name": "20071017 Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482474/100/0/threaded"
                },
                {
                  "name": "3266",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3266"
                },
                {
                  "name": "1018833",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018833"
                },
                {
                  "name": "26121",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26121"
                },
                {
                  "name": "MS07-067",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-067"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5587",
        "datePublished": "2007-10-19T21:00:00.000Z",
        "dateReserved": "2007-10-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:39:13.262Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1197 (GCVE-0-2006-1197)

    Vulnerability from nvd – Published: 2006-03-13 22:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to gain privileges by changing the configuration to reference a malicious program.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-03-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:28.741Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060311 Copy protection scheme SafeDisc allows privilege escalation",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/427410/100/0/threaded"
              },
              {
                "name": "17070",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17070"
              },
              {
                "name": "safedisk-secdrv-gain-privileges(25162)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25162"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to gain privileges by changing the configuration to reference a malicious program."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060311 Copy protection scheme SafeDisc allows privilege escalation",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/427410/100/0/threaded"
            },
            {
              "name": "17070",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17070"
            },
            {
              "name": "safedisk-secdrv-gain-privileges(25162)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25162"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1197",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to gain privileges by changing the configuration to reference a malicious program."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060311 Copy protection scheme SafeDisc allows privilege escalation",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/427410/100/0/threaded"
                },
                {
                  "name": "17070",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17070"
                },
                {
                  "name": "safedisk-secdrv-gain-privileges(25162)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25162"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1197",
        "datePublished": "2006-03-13T22:00:00.000Z",
        "dateReserved": "2006-03-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:28.741Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5587 (GCVE-0-2007-5587)

    Vulnerability from cvelistv5 – Published: 2007-10-19 21:00 – Updated: 2024-08-07 15:39
    VLAI
    Summary
    Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.reversemode.com/index.php?option=com_m… x_refsource_MISC
    http://blog.48bits.com/?p=172 x_refsource_MISC
    http://secunia.com/advisories/27285 third-party-advisoryx_refsource_SECUNIA
    http://www.microsoft.com/technet/security/advisor… vendor-advisoryx_refsource_MSKB
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.vupen.com/english/advisories/2007/3537 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/485268/100… vendor-advisoryx_refsource_HP
    http://www.symantec.com/enterprise/security_respo… x_refsource_MISC
    http://osvdb.org/41429 vdb-entryx_refsource_OSVDB
    http://www.us-cert.gov/cas/techalerts/TA07-345A.html third-party-advisoryx_refsource_CERT
    http://www.securityfocus.com/archive/1/482482/100… mailing-listx_refsource_BUGTRAQ
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/482474/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/3266 third-party-advisoryx_refsource_SREASON
    http://www.securitytracker.com/id?1018833 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/26121 vdb-entryx_refsource_BID
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    Date Public
    2007-10-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:39:13.262Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.reversemode.com/index.php?option=com_mamblog\u0026Itemid=15\u0026task=show\u0026action=view\u0026id=43\u0026Itemid=15"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blog.48bits.com/?p=172"
              },
              {
                "name": "27285",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27285"
              },
              {
                "name": "944653",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MSKB",
                  "x_transferred"
                ],
                "url": "http://www.microsoft.com/technet/security/advisory/944653.mspx"
              },
              {
                "name": "oval:org.mitre.oval:def:4584",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4584"
              },
              {
                "name": "ADV-2007-3537",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3537"
              },
              {
                "name": "SSRT071506",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/10/privilege_escalation_exploit_i.html"
              },
              {
                "name": "41429",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/41429"
              },
              {
                "name": "HPSBST02299",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
              },
              {
                "name": "TA07-345A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html"
              },
              {
                "name": "20071018 [CORRECTED] Microsoft Windows XP SP2/2003 - Macrovision SecDrv.sys privilege escalation (0day)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482482/100/0/threaded"
              },
              {
                "name": "windows-secdrv-bo(37284)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37284"
              },
              {
                "name": "20071017 Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/482474/100/0/threaded"
              },
              {
                "name": "3266",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3266"
              },
              {
                "name": "1018833",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018833"
              },
              {
                "name": "26121",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26121"
              },
              {
                "name": "MS07-067",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-067"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-10-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.reversemode.com/index.php?option=com_mamblog\u0026Itemid=15\u0026task=show\u0026action=view\u0026id=43\u0026Itemid=15"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blog.48bits.com/?p=172"
            },
            {
              "name": "27285",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27285"
            },
            {
              "name": "944653",
              "tags": [
                "vendor-advisory",
                "x_refsource_MSKB"
              ],
              "url": "http://www.microsoft.com/technet/security/advisory/944653.mspx"
            },
            {
              "name": "oval:org.mitre.oval:def:4584",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4584"
            },
            {
              "name": "ADV-2007-3537",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3537"
            },
            {
              "name": "SSRT071506",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/10/privilege_escalation_exploit_i.html"
            },
            {
              "name": "41429",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/41429"
            },
            {
              "name": "HPSBST02299",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
            },
            {
              "name": "TA07-345A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html"
            },
            {
              "name": "20071018 [CORRECTED] Microsoft Windows XP SP2/2003 - Macrovision SecDrv.sys privilege escalation (0day)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482482/100/0/threaded"
            },
            {
              "name": "windows-secdrv-bo(37284)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37284"
            },
            {
              "name": "20071017 Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/482474/100/0/threaded"
            },
            {
              "name": "3266",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3266"
            },
            {
              "name": "1018833",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018833"
            },
            {
              "name": "26121",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26121"
            },
            {
              "name": "MS07-067",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-067"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5587",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.reversemode.com/index.php?option=com_mamblog\u0026Itemid=15\u0026task=show\u0026action=view\u0026id=43\u0026Itemid=15",
                  "refsource": "MISC",
                  "url": "http://www.reversemode.com/index.php?option=com_mamblog\u0026Itemid=15\u0026task=show\u0026action=view\u0026id=43\u0026Itemid=15"
                },
                {
                  "name": "http://blog.48bits.com/?p=172",
                  "refsource": "MISC",
                  "url": "http://blog.48bits.com/?p=172"
                },
                {
                  "name": "27285",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27285"
                },
                {
                  "name": "944653",
                  "refsource": "MSKB",
                  "url": "http://www.microsoft.com/technet/security/advisory/944653.mspx"
                },
                {
                  "name": "oval:org.mitre.oval:def:4584",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4584"
                },
                {
                  "name": "ADV-2007-3537",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3537"
                },
                {
                  "name": "SSRT071506",
                  "refsource": "HP",
                  "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
                },
                {
                  "name": "http://www.symantec.com/enterprise/security_response/weblog/2007/10/privilege_escalation_exploit_i.html",
                  "refsource": "MISC",
                  "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/10/privilege_escalation_exploit_i.html"
                },
                {
                  "name": "41429",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/41429"
                },
                {
                  "name": "HPSBST02299",
                  "refsource": "HP",
                  "url": "http://www.securityfocus.com/archive/1/485268/100/0/threaded"
                },
                {
                  "name": "TA07-345A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA07-345A.html"
                },
                {
                  "name": "20071018 [CORRECTED] Microsoft Windows XP SP2/2003 - Macrovision SecDrv.sys privilege escalation (0day)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482482/100/0/threaded"
                },
                {
                  "name": "windows-secdrv-bo(37284)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37284"
                },
                {
                  "name": "20071017 Microsoft Windows XP/2003 Macrovision SecDrv.sys privilege escalation (0day)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/482474/100/0/threaded"
                },
                {
                  "name": "3266",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3266"
                },
                {
                  "name": "1018833",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018833"
                },
                {
                  "name": "26121",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26121"
                },
                {
                  "name": "MS07-067",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-067"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5587",
        "datePublished": "2007-10-19T21:00:00.000Z",
        "dateReserved": "2007-10-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:39:13.262Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1197 (GCVE-0-2006-1197)

    Vulnerability from cvelistv5 – Published: 2006-03-13 22:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to gain privileges by changing the configuration to reference a malicious program.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2006-03-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:28.741Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060311 Copy protection scheme SafeDisc allows privilege escalation",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/427410/100/0/threaded"
              },
              {
                "name": "17070",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17070"
              },
              {
                "name": "safedisk-secdrv-gain-privileges(25162)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25162"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to gain privileges by changing the configuration to reference a malicious program."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060311 Copy protection scheme SafeDisc allows privilege escalation",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/427410/100/0/threaded"
            },
            {
              "name": "17070",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17070"
            },
            {
              "name": "safedisk-secdrv-gain-privileges(25162)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25162"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1197",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to gain privileges by changing the configuration to reference a malicious program."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060311 Copy protection scheme SafeDisc allows privilege escalation",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/427410/100/0/threaded"
                },
                {
                  "name": "17070",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17070"
                },
                {
                  "name": "safedisk-secdrv-gain-privileges(25162)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25162"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1197",
        "datePublished": "2006-03-13T22:00:00.000Z",
        "dateReserved": "2006-03-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:28.741Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }