CVE-2010-2031 – Kingsoft Webshield 'KAVSafe.sys' 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-2031
KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device. KAVSafe.sys v2010.4.14.609 y versiones anteriores, tal como se utiliza en Kingsoft Webshield v3.5.1.2 y anteriores, permite a usuarios locales sobreescribir la memoria del kernel de forma arbitraria a través de una petición modificada a IOCTL 0x830020d4 en el dispositivo KAVSafe. • https://www.exploit-db.com/exploits/12710 http://secunia.com/advisories/39916 http://www.exploit-db.com/exploits/12710 http://www.securityfocus.com/bid/40342 https://exchange.xforce.ibmcloud.com/vulnerabilities/58780 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •