SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Microsoft)  >   Windows Drivers Vendors:   Microsoft
Windows Buffer Overflow in Unspecified USB Device Driver Lets Physically Local Users Execute Arbitrary Code
SecurityTracker Alert ID:  1014566
SecurityTracker URL:  http://securitytracker.com/id/1014566
CVE Reference:   CVE-2005-2388   (Links to External Site)
Updated:  Jul 6 2008
Original Entry Date:  Jul 24 2005
Impact:   Execution of arbitrary code via local system, Root access via local system


Description:   A vulnerability was reported in Microsoft Windows in a specific USB device driver. A physically local user may be able to execute arbitrary code on the target system.

A physically local user can connect a device to the USB port on the target system to cause the target system to load a device driver. Then, the connected device can trigger a buffer overflow to execute arbitrary code on the target system. The code will run with System level privileges.

The affected device driver was not disclosed.

SPI Dynamics discovered this vulnerability. eWeek reported this vulnerability.

Impact:   A physically local user can execute arbitrary code on the target system with System level privileges.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.microsoft.com/ (Links to External Site)
Cause:   Boundary error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC