Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 08/12/2010 Updated: 09/12/2010

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 725

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Internet Security Suite Plus 2010

Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite Plus 2010 allows local users to cause a denial of service (pool corruption) and execute arbitrary code via crafted arguments to the 0x88000080 IOCTL, which triggers a buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ca internet security suite plus 2010

/* # Exploit Title: CA Internet Security Suite 2010 KmxSbxsys Kernel Pool Overflow 0-day Exploit # Date: 2010-11-28 # Author: Nikita Tarakanov (CISS Research Team) # Software Link: shopcacom/ca/products/internetsecurity/internetsecurity_suiteasp # Version: up to date, KmxSbxsys version 62022 # Tested on: Win XP SP3 # CVE : CVE-NO-M ...

CWE-189 http://www.vupen.com/english/advisories/2010/3070 http://www.exploit-db.com/exploits/15624 http://secunia.com/advisories/42267 http://www.securitytracker.com/id?1024808 https://nvd.nist.gov https://www.exploit-db.com/exploits/15624/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-4502

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect