Realtek HD Audio Codec Driver Vulnerabilities - Security


Editor Login \| Register		Ekle

> World > Security

Realtek HD Audio Codec Driver Vulnerabilities - Security - World -

CWRedLight

(Date : 24.04.2008 19:02:34)

Realtek HD Audio Codec Driver Vulnerabilities

Secunia Advisory:	SA29953
Release Date:	2008-04-24

Critical:	Less critical
Impact:	Manipulation of data Exposure of system information Exposure of sensitive information Privilege escalation
Where:	Local system
Solution Status:	Vendor Patch

Software:	Realtek HD Audio Codec Driver 6.x

Description:
Ruben Santamarta has reported some vulnerabilities in Realtek HD Audio Codec drivers, which can be exploited by malicious, local users to disclose certain information, manipulate certain data, or gain escalated privileges.

The vulnerabilities are caused due to input validation errors when handling certain IOCTL requests and can be exploited to create, read, or write arbitrary registry keys or to execute arbitrary code with kernel privileges.

The vulnerabilities are reported in RTKVHDA.sys and RTKVHDA64.sys versions prior to 6.0.1.5605.

Solution:
Update to the latest versions.

Provided and/or discovered by:
Ruben Santamarta, Wintercore

Original Advisory:
http://www.wintercore.com/advisories/advisory_W010408.html

Derecelendir

Kaynak

http://secunia.com/advisories/29953/

İçerik İhbarı

Bağlantılar: bilgininefendisi.net

Open Source Document Project

AUP&TOS