HomePentest-Tools.com Logo

CA Internet Security Suite Plus KmxSbx.sys Buffer Overflow Vulnerability CVE-2010-4502

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

CA Internet Security Suite Plus is prone to a buffer overflow vulnerability.

Risk description

The flaw is due to an error in the KmxSbx.sys kernel driver when processing IOCTLs and can be exploited to cause a buffer overflow via overly large data buffer sent to the 0x88000080 IOCTL. Successful exploitation allows execution of arbitrary code in the kernel.

Recommendation

No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 8, 2010
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available