Summary
This host is installed with Panda Global Protection and is prone to heap based buffer overflow vulnerability.
Impact
Successful exploitation will allow attackers
to cause a heap-based buffer overflow by sending a specially crafted IOCTL request and execute arbitrary code on the system with kernel-level privileges.
Impact Level: System/Application
Solution
Apply the hotfix 'hft131306s24_r1'.
For more details refer link, http://www.pandasecurity.com
NOTE: Please ignore the warning if the update is already applied.
Insight
Flaw exist due to improper bounds checking
by the PavTPK.sys kernel mode driver.
Affected
Panda Global Protection 2014 7.01.01
Detection
Get the installed version with the help
of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-5307 -
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- CA ARCserve Backup Multiple Bufffer Overflow Vulnerabilities
- Citrix Provisioning Services SoapServer Buffer Overflow Vulnerability
- Apache mod_proxy content-length buffer overflow
- Buffer Overflow Vulnerability in Adobe Reader (Linux)
- Cyrus IMAP Server 'split_wildmats()' Remote Buffer Overflow Vulnerability