Kernel Memory Overwrite in Kingsoft Webshield Product
CVE-2010-2031

Currently unrated

Key Information:

Vendor: Kingsoft
Status: Webshield
Vendor: CVE Published:; 24 May 2010

What is CVE-2010-2031?

The KAVSafe.sys driver, as utilized in Kingsoft Webshield versions 2010.4.14.609 and earlier, permits local users to overwrite arbitrary kernel memory. This is executed through a specially crafted request sent to IOCTL 0x830020d4, potentially allowing attackers to escalate privileges and perform unauthorized actions within the system.

References

http://www.securityfocus.com/bid/40342

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/58780

vdb-entryx_refsource_XF

http://secunia.com/advisories/39916

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
May 24, 2010
Vulnerability Reserved
May 24, 2010