Stack-Based Buffer Overflow in K7 Computing's Sentry Device Driver
CVE-2014-8956

Currently unrated

Key Information:

Vendor: K7computing
Status: K7av Sentry Device Driver
Vendor: CVE Published:; 12 December 2014

🔔 Create K7computing Vulnerability Alert

What is CVE-2014-8956?

The K7Sentry.sys kernel mode driver, utilized in various K7 Computing products, is susceptible to a stack-based buffer overflow. This vulnerability allows local users to potentially execute arbitrary code with elevated kernel privileges through unspecified vectors. In versions prior to 12.8.0.119, the lack of proper validation and handling of user input can pose significant security risks, enabling unauthorized access to critical system functions.

References

https://www.portcullis-security.com/security-research-and...

x_refsource_MISC

http://seclists.org/fulldisclosure/2014/Dec/46

mailing-listx_refsource_FULLDISC

http://packetstormsecurity.com/files/129472/K7-Computing-...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2014
Vulnerability Reserved
Nov 18, 2014