Vulnerability-Lookup

CVE-2014-7136 (GCVE-0-2014-7136)

Vulnerability from cvelistv5 – Published: 2014-12-12 15:00 – Updated: 2024-08-06 12:40

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

VAR-201412-0060

Vulnerability from variot - Updated: 2025-04-13 23:29

Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call. K7 Computing K7FWFilt.sys device driver is prone to a local code-execution vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. K7FWFilt.sys 11.0.1.5 and prior are vulnerable. Successful exploitation of this bug results in vertical privilege escalation.

Technical Details:

The function handling IOCTL 0x830020C4 does not validate the size of the output buffer parameter passed in the DeviceIoControl API, which leads to a heap overflow on buffer data initialization. In particular, the function assumes that the output buffer has a size of 0x22C4 bytes. By declaring a smaller buffer we are able to overwrite other data and kernel objects that might follow and potentially control the execution flow via a corrupted kernel object.

ba31cb06 8b7d14 mov edi,dword ptr [ebp+14h] <--- EDI == allocated buffer ba31cb09 ff7514 push dword ptr [ebp+14h] ba31cb0c b9b1080000 mov ecx,8B1h <--- assume buffer size 0x8b1 * 4 ba31cb11 33c0 xor eax,eax <--- zero out EAX ba31cb13 f3ab rep stos dword ptr es:[edi] <--- Heap Overflow

Further details at:

https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/

Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited.

Disclaimer: The information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

This email originates from the systems of Portcullis Computer Security Limited, a Private limited company, registered in England in accordance with the Companies Act under number 02763799. The registered office address of Portcullis Computer Security Limited is: Portcullis House, 2 Century Court, Tolpits Lane, Watford, United Kingdom, WD18 9RS.
The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Any opinions expressed are those of the individual and do not represent the opinion of the organisation. Access to this email by persons other than the intended recipient is strictly prohibited. If you are not the intended recipient, any disclosure, copying, distribution or other action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email is subject to the terms and conditions expressed in the applicable Portcullis Computer Security Limited terms of business.

This e-mail message has been scanned for Viruses and Content and cleared by MailMarshal.

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201412-0060",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "k7firewall packet driver",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "k7computing",
        "version": "14.0.1.15"
      },
      {
        "model": "k7firewall packet driver",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "k7 computing",
        "version": "14.0.1.16"
      },
      {
        "model": "k7firewall packet driver",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "k7computing",
        "version": "14.0.1.15"
      },
      {
        "model": "computing pvt ltd k7fwfilt.sys",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "k7",
        "version": "11.0"
      },
      {
        "model": "computing pvt ltd k7fwfilt.sys",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "k7",
        "version": "11.0.1.5"
      },
      {
        "model": "computing pvt ltd k7fwfilt.sys",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "k7",
        "version": "14.0.1.16"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "71611"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005989"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-320"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-7136"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:k7computing:k7firewall_packet_driver",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005989"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Kyriakos Economou",
    "sources": [
      {
        "db": "BID",
        "id": "71611"
      },
      {
        "db": "PACKETSTORM",
        "id": "129474"
      }
    ],
    "trust": 0.4
  },
  "cve": "CVE-2014-7136",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2014-7136",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-75080",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-7136",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-7136",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201412-320",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-75080",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-75080"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005989"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-320"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-7136"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call. K7 Computing K7FWFilt.sys device driver is prone to a local code-execution vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. \nK7FWFilt.sys 11.0.1.5 and prior are vulnerable. Successful exploitation of this bug results in vertical privilege escalation. \n\nTechnical Details:\n\nThe function handling IOCTL 0x830020C4 does not validate the size of the output buffer parameter passed in the DeviceIoControl API, which leads to a heap overflow on buffer data initialization. In particular, the function assumes that the output buffer has a size of 0x22C4 bytes. By declaring a smaller buffer we are able to overwrite other data and kernel objects that might follow and potentially control the execution flow via a corrupted kernel object. \n\nba31cb06 8b7d14 mov edi,dword ptr [ebp+14h] \u003c--- EDI == allocated buffer\nba31cb09 ff7514 push dword ptr [ebp+14h]\nba31cb0c b9b1080000 mov ecx,8B1h \u003c--- assume buffer size 0x8b1 * 4\nba31cb11 33c0 xor eax,eax \u003c--- zero out EAX\nba31cb13 f3ab rep stos dword ptr es:[edi] \u003c--- Heap Overflow\n\nFurther details at:\n\nhttps://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/\n\nCopyright:\nCopyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited. \n\nDisclaimer:\nThe information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user\u0027s risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information. \n\n\n###############################################################\nThis email originates from the systems of Portcullis\nComputer Security Limited, a Private limited company, \nregistered in England in accordance with the Companies \nAct under number 02763799. The registered office \naddress of Portcullis Computer Security Limited is: \nPortcullis House, 2 Century Court, Tolpits Lane, Watford, \nUnited Kingdom, WD18 9RS.  \nThe information in this email is confidential and may be \nlegally privileged. It is intended solely for the addressee. \nAny opinions expressed are those of the individual and \ndo not represent the opinion of the organisation. Access \nto this email by persons other than the intended recipient \nis strictly prohibited. \nIf you are not the intended recipient, any disclosure, \ncopying, distribution or other action taken or omitted to be \ntaken in reliance on it, is prohibited and may be unlawful. \nWhen addressed to our clients any opinions or advice \ncontained in this email is subject to the terms and \nconditions expressed in the applicable Portcullis Computer \nSecurity Limited terms of business. \n###############################################################\n\n#####################################################################################\nThis e-mail message has been scanned for Viruses and Content and cleared \nby MailMarshal. \n#####################################################################################\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-7136"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005989"
      },
      {
        "db": "BID",
        "id": "71611"
      },
      {
        "db": "VULHUB",
        "id": "VHN-75080"
      },
      {
        "db": "PACKETSTORM",
        "id": "129474"
      }
    ],
    "trust": 2.07
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-75080",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-75080"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-7136",
        "trust": 2.9
      },
      {
        "db": "PACKETSTORM",
        "id": "129474",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005989",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-320",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "71611",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-75080",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-75080"
      },
      {
        "db": "BID",
        "id": "71611"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005989"
      },
      {
        "db": "PACKETSTORM",
        "id": "129474"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-320"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-7136"
      }
    ]
  },
  "id": "VAR-201412-0060",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-75080"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-13T23:29:40.393000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.k7computing.com/en/consumer.php"
      },
      {
        "title": "setup-eng-ts",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=52999"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005989"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-320"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-75080"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005989"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-7136"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/"
      },
      {
        "trust": 1.7,
        "url": "http://seclists.org/fulldisclosure/2014/dec/47"
      },
      {
        "trust": 1.7,
        "url": "http://packetstormsecurity.com/files/129474/k7-computing-multiple-products-k7fwfilt.sys-privilege-escalation.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-7136"
      },
      {
        "trust": 0.8,
        "url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-7136"
      },
      {
        "trust": 0.3,
        "url": "http://www.k7computing.com/en/product/k7-antivirusplus.php"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-7136"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-75080"
      },
      {
        "db": "BID",
        "id": "71611"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005989"
      },
      {
        "db": "PACKETSTORM",
        "id": "129474"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-320"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-7136"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-75080"
      },
      {
        "db": "BID",
        "id": "71611"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005989"
      },
      {
        "db": "PACKETSTORM",
        "id": "129474"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-320"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-7136"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-12-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-75080"
      },
      {
        "date": "2014-12-05T00:00:00",
        "db": "BID",
        "id": "71611"
      },
      {
        "date": "2014-12-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-005989"
      },
      {
        "date": "2014-12-10T20:32:22",
        "db": "PACKETSTORM",
        "id": "129474"
      },
      {
        "date": "2014-12-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201412-320"
      },
      {
        "date": "2014-12-12T15:59:07.073000",
        "db": "NVD",
        "id": "CVE-2014-7136"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-12-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-75080"
      },
      {
        "date": "2014-12-05T00:00:00",
        "db": "BID",
        "id": "71611"
      },
      {
        "date": "2014-12-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-005989"
      },
      {
        "date": "2014-12-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201412-320"
      },
      {
        "date": "2025-04-12T10:46:40.837000",
        "db": "NVD",
        "id": "CVE-2014-7136"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "71611"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-320"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  K7 Computing Used in products  K7FWFilt.sys Heap-based buffer overflow vulnerability in kernel mode driver",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-005989"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201412-320"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2014-7136

Vulnerability from fkie_nvd - Published: 2014-12-12 15:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html	Exploit
cve@mitre.org	http://seclists.org/fulldisclosure/2014/Dec/47	Exploit
cve@mitre.org	https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2014/Dec/47	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/	Exploit

Impacted products

	Vendor	Product	Version
	k7computing	k7firewall_packet_driver	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:k7computing:k7firewall_packet_driver:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6700DDA2-8494-4B64-B402-DB1C83E24675",
              "versionEndIncluding": "14.0.1.15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en el controlador del modo de kernel K7FWFilt.sys (tambi\u00e9n conocido como K7Firewall Packet Driver) anterior a 14.0.1.16, utilizado en m\u00faltiples productos de K7 Computing, permite a usuarios locales ejecutar c\u00f3digo arbitrario con privilegios de kernel a trav\u00e9s de un par\u00e1metro manipulado en una llamada API DeviceIoControl."
    }
  ],
  "id": "CVE-2014-7136",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-12-12T15:59:07.073",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://seclists.org/fulldisclosure/2014/Dec/47"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://seclists.org/fulldisclosure/2014/Dec/47"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-XH58-CX6C-2H9H

Vulnerability from github – Published: 2022-05-17 04:19 – Updated: 2025-04-12 12:43

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-7136"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-12-12T15:59:00Z",
    "severity": "HIGH"
  },
  "details": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call.",
  "id": "GHSA-xh58-cx6c-2h9h",
  "modified": "2025-04-12T12:43:01Z",
  "published": "2022-05-17T04:19:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7136"
    },
    {
      "type": "WEB",
      "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2014/Dec/47"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2014-7136

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-7136

Aliases

CVE-2014-7136

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-7136",
    "description": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call.",
    "id": "GSD-2014-7136"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-7136"
      ],
      "details": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call.",
      "id": "GSD-2014-7136",
      "modified": "2023-12-13T01:22:47.444160Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-7136",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/",
            "refsource": "MISC",
            "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/"
          },
          {
            "name": "20141210 CVE-2014-7136 - Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys]",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2014/Dec/47"
          },
          {
            "name": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:k7computing:k7firewall_packet_driver:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "14.0.1.15",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-7136"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7136/"
            },
            {
              "name": "20141210 CVE-2014-7136 - Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys]",
              "refsource": "FULLDISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://seclists.org/fulldisclosure/2014/Dec/47"
            },
            {
              "name": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://packetstormsecurity.com/files/129474/K7-Computing-Multiple-Products-K7FWFilt.sys-Privilege-Escalation.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2014-12-15T19:50Z",
      "publishedDate": "2014-12-12T15:59Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-7136 (GCVE-0-2014-7136)

VAR-201412-0060

FKIE_CVE-2014-7136

GHSA-XH58-CX6C-2H9H

GSD-2014-7136

Tags

Sightings

Nomenclature