Denial of Service Vulnerability in Alps Pointing-device Driver for Dell, ThinkPad, and VAIO Devices
CVE-2018-10828

5.5MEDIUM

Key Information:

Vendor

Alps

Status
Pointing-device Driver
Vendor
CVE Published:
9 May 2018

What is CVE-2018-10828?

The Alps Pointing-device Driver version 10.1.101.207 contains a vulnerability in the ApMsgFwd.exe component, which allows users to map and write data to the 'ApMsgFwd File Mapping Object'. This can lead to a denial of service condition when faulty data is written to this section, causing the driver to create invalid pointers. As a result, devices utilizing this driver, including those from Dell, ThinkPad, and VAIO, may become unstable or crash. This vulnerability presents a significant risk, making it important for users to ensure they have the latest driver updates to mitigate potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.exploit-db.com/exploits/44610/
exploitx_refsource_EXPLOIT-DB
https://github.com/SouhailHammou/Exploits/blob/master/CVE...
x_refsource_MISC
http://support.lenovo.com/us/en/solutions/LEN-25654
x_refsource_CONFIRM

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.