Published: 28/04/2010 Updated: 17/08/2017

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 725

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Beijing Rising International Rising Antivirus 2008 through 2010 does not properly validate input to certain IOCTLs, including 0x83003C07, which allows local users to gain privileges via crafted IOCTL requests to the (1) HookCont.sys, (2) HookNtos.sys, (3) HOOKREG.sys, or (4) HookSys.sys device driver; or the (5) RsNTGdi.sys kernel module, reachable through \Device\RSNTGDI.

Vulnerable Product	Search on Vulmon	Subscribe to Product
rising-global rising antivirus 2009
rising-global rising antivirus 2010
rising-global rising antivirus 2008

//by Dlrow dlrow1991@ymailcom<mailto:dlrow1991@ymailcom> //restore all ssdt hooks // Rising0daycpp : Defines the entry point for the console application // #include "stdafxh" #include "windowsh" enum { SystemModuleInformation = 11 }; typedef struct { ULONG Unknown1; ULONG Unknown2; PVOID Base; ULONG Size; ...

CWE-20 http://www.securityfocus.com/bid/37951 http://secunia.com/advisories/38335 http://osvdb.org/61946 http://www.ntinternals.org/ntiadv0902/ntiadv0902.html http://www.ntinternals.org/ntiadv0805/ntiadv0805.html http://www.vupen.com/english/advisories/2010/0218 https://exchange.xforce.ibmcloud.com/vulnerabilities/55869 https://nvd.nist.gov https://www.exploit-db.com/exploits/11281/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-1591

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect