Heap-Based Buffer Overflow in Panda Security Kernel Memory Access Driver
CVE-2015-1438

7.8HIGH

Key Information:

Vendor

Panda Security

Status
Panda Internet Security 2015
Panda Gold Protection 2015
Panda Antivirus Pro 2015
Panda Global Protection 2015
Vendor
CVE Published:
25 July 2017

What is CVE-2015-1438?

The vulnerability in the Panda Security Kernel Memory Access Driver allows attackers to exploit a heap-based buffer overflow through specially crafted size inputs. This can lead to the execution of arbitrary code with elevated kernel privileges, posing significant risks to system integrity and security. Effective patching and monitoring are essential to mitigate this risk.

References

http://packetstormsecurity.com/files/132682/Panda-Securit...
x_refsource_MISC
http://www.securityfocus.com/bid/75715
vdb-entryx_refsource_BID
https://www.portcullis-security.com/security-research-and...
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.