Vulnerability in FireWire Interface Affects Windows Products
CVE-2004-1038

Currently unrated

Key Information:

Vendor: Ieee
Status: Firewire Ieee
Vendor: CVE Published:; 1 March 2005

What is CVE-2004-1038?

The security flaw in the FireWire (IEEE1394) specification permits attackers with physical access to manipulate memory. By using a modified FireWire client, they can read and write sensitive information, circumventing traditional security measures that demand higher levels of physical access for exploitation. This vulnerability has been noted to specifically impact Microsoft Windows Vista, although certain Linux distributions employ safeguards against such attacks.

References

http://pacsec.jp/advisories.html

x_refsource_MISC

http://www.securityfocus.com/archive/1/489330/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/489189/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 1, 2005
Vulnerability Reserved
Nov 16, 2004

Ieee

What is CVE-2004-1038?

References

Timeline