CVE-2010-2308 (GCVE-0-2010-2308)

Vulnerability from cvelistv5 – Published: 2010-06-16 20:00 – Updated: 2024-08-07 02:32
VLAI?
Summary
Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:32:15.516Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "40085",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40085"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-03"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sophos.com/support/knowledgebase/article/111126.html"
          },
          {
            "name": "20100609 TPTI-10-03: Sophos Anti-Virus SAVOnAccessFilter Local Privilege Escalation Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/511773/100/0/threaded"
          },
          {
            "name": "1024089",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024089"
          },
          {
            "name": "ADV-2010-1412",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1412"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "40085",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40085"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-03"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sophos.com/support/knowledgebase/article/111126.html"
        },
        {
          "name": "20100609 TPTI-10-03: Sophos Anti-Virus SAVOnAccessFilter Local Privilege Escalation Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/511773/100/0/threaded"
        },
        {
          "name": "1024089",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024089"
        },
        {
          "name": "ADV-2010-1412",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1412"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-2308",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "40085",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40085"
            },
            {
              "name": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-03",
              "refsource": "MISC",
              "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-03"
            },
            {
              "name": "http://www.sophos.com/support/knowledgebase/article/111126.html",
              "refsource": "CONFIRM",
              "url": "http://www.sophos.com/support/knowledgebase/article/111126.html"
            },
            {
              "name": "20100609 TPTI-10-03: Sophos Anti-Virus SAVOnAccessFilter Local Privilege Escalation Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/511773/100/0/threaded"
            },
            {
              "name": "1024089",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1024089"
            },
            {
              "name": "ADV-2010-1412",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1412"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-2308",
    "datePublished": "2010-06-16T20:00:00",
    "dateReserved": "2010-06-16T00:00:00",
    "dateUpdated": "2024-08-07T02:32:15.516Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-2308\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2010-06-16T20:30:02.747\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en el controlador de filtrado (savonaccessfilter.sys) en Sophos Anti-Virus anterior a v7.6.20, permite a usuarios locales elevar sus privilegios a trav\u00e9s de argumentos manipulados en la funci\u00f3n  NtQueryAttributesFile.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.6.19\",\"matchCriteriaId\":\"20367487-5266-4F79-85CF-DF024D23D115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E45839C3-4753-4D22-8FA7-9B0DF6C93414\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.78:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DF9F90F-3E38-496F-A84A-45FC60B7613E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.78d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A27F909C-E84F-466F-BB40-D43A0570B9C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.79:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76354221-841C-443C-921A-6242BF875918\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.80:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"245520DD-FDA3-4470-94C9-4A351D028BF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.81:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"147AF135-4638-4015-B1C1-411611C3FC86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.82:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BAAFDEA-B08E-4BA9-9333-DFDC35B00D71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.83:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4E27696-23CE-4ADD-9859-B0CB1DF02E16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.84:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44F9357C-2CFC-4866-8D22-E5BE48182D98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.85:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19A98770-8AF2-4B2D-9783-8E2B01D631E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.86:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30136876-3778-4C3A-9CE3-0440588594A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.90:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39972E3A-B377-44DC-B16B-AA6E7ECCE29D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.91:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58B3AE9A-2337-4225-8C1B-87933EE99E18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.95:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5922BAB-7DF5-4F65-AC6E-038900B79396\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.96.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5816EC94-1005-4467-825A-6BB43525FE43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20E8CC2D-5BC8-4EDA-BC52-922B8D280E98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D9D6E1E-9FA4-4BA1-8648-2E1A6A8FC4CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"799249AD-3E8A-4584-A680-A3E618B5372D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"587205B1-322E-478D-9B46-8F20F371C87C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9B6B5D4-E335-4377-8D98-87656522D056\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ED1228F-0733-42D9-853A-B1EB4EB20A91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"136B6228-D71B-4985-B555-5ABC38EF2B42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4518D58D-BD49-4E02-AB93-B1B45B774F2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A398BC60-0F67-4A32-A6CD-F3410D81834F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.33.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41F2865A-0D90-4E78-B2C7-9F6CF13A986E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55D2CFB6-F135-40B5-ACF8-D6513C0AB682\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B781BEA-E3D6-4260-913F-99D46DCC97D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D7952D2-2FE4-44E3-B964-976964CFFB3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05361082-2A61-40D9-9EEE-6ED3C032FB22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0AF1DE9-A0A1-4193-9AD9-56BF39F3557A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE7CC4E8-C039-4895-A3EF-BF1927266744\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67E8DF83-4F1B-4E4C-A613-EF0C4502FA5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08FACDD3-92A8-4325-AD0D-81100BA81F7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41FAD883-919D-4719-A964-C93F40EE658D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1678D2A7-32D6-4A9E-884C-5850A4BC273D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3605FC9-61B9-489D-863C-5248D71BCF62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F977E43C-B6C7-4C87-A619-1B0B95D40E06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:7.6.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D959321-4D57-44FE-A15E-7C5D443EA588\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:7.6.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"275D6900-9868-478A-B159-B04883AD3992\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:7.6.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B7B3DF7-D255-4B43-BFA7-BA18C7CD2213\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:7.6.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F6D123E-EE26-40DF-B958-E86E0957A8DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:7.6.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5233DBFD-0BEC-4315-9F42-7F6F7B6F8C18\"}]}]}],\"references\":[{\"url\":\"http://dvlabs.tippingpoint.com/advisory/TPTI-10-03\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/40085\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/511773/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1024089\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.sophos.com/support/knowledgebase/article/111126.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1412\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://dvlabs.tippingpoint.com/advisory/TPTI-10-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/40085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/511773/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1024089\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.sophos.com/support/knowledgebase/article/111126.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1412\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.