CVE-2018-12152
https://notcve.org/view.php?id=CVE-2018-12152
Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauthenticated remote user to potentially execute arbitrary WebGL code via local access. Corrupción de punteros en Unified Shader Compiler en Intel Graphics Drivers en versiones anteriores a la 10.18.x.5056 (también conocida como 15.33.x.5056), 10.18.x.5057 (también conocida como 15.36.x.5057) y 20.19.x.5058 (también conocida como 15.40.x.5058) podría permitir que un usuario remoto no autenticado ejecute código WebGL arbitrario mediante acceso local. • http://seclists.org/fulldisclosure/2019/Oct/55 http://seclists.org/fulldisclosure/2019/Oct/56 http://www.securityfocus.com/bid/105582 https://support.apple.com/kb/HT210634 https://support.apple.com/kb/HT210722 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00166.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-5692
https://notcve.org/view.php?id=CVE-2017-5692
Out-of-bounds read condition in older versions of some Intel Graphics Driver for Windows code branches allows local users to perform a denial of service attack. Una condición de lectura fuera de límites en versiones antiguas de algunos controladores Intel Graphics para ramas de código de Windows permite que usuarios locales realicen un ataque de denegación de servicio. • http://www.securityfocus.com/bid/104957 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00077.html • CWE-125: Out-of-bounds Read •
CVE-2018-3611
https://notcve.org/view.php?id=CVE-2018-3611
Bounds check vulnerability in User Mode Driver in Intel Graphics Driver 15.40.x.4 and 21.20.x.x allows unprivileged user to cause a denial of service via local access. Vulnerabilidad de comprobación de límites en User Mode Driver en Intel Graphics Driver 15.40.x.4 y 21.20.x.x permite que un usuario sin privilegios provoque una denegación de servicio mediante el acceso local. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00109.html • CWE-20: Improper Input Validation •
CVE-2017-5696
https://notcve.org/view.php?id=CVE-2017-5696
Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access. Una ruta de búsqueda no fiable en Intel Graphics Driver 15.40.x.x, 15.45.x.x y 21.20.x.x permite que un usuario sin privilegios eleve sus privilegios mediante acceso local. • https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00080&languageid=en-fr • CWE-426: Untrusted Search Path •
CVE-2017-5717 – Intel Content Protection HECI Service - Type Confusion Privilege Escalation
https://notcve.org/view.php?id=CVE-2017-5717
Type Confusion in Content Protection HECI Service in Intel Graphics Driver allows unprivileged user to elevate privileges via local access. Confusión de tipos en Content Protection HECI Service en Intel Graphics Driver permite que usuarios sin privilegios eleven privilegios mediante acceso local. The Intel Content Protection HECI Service exposes a DCOM object to all users and most sandboxes (such as Edge LPAC and Chrome GPU). It has a type confusion vulnerability which can be used to elevate to SYSTEM privileges. • https://www.exploit-db.com/exploits/43373 https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00095&languageid=en-fr • CWE-704: Incorrect Type Conversion or Cast •