CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2014-5307
https://notcve.org/view.php?id=CVE-2014-5307
Heap-based buffer overflow in the PavTPK.sys kernel mode driver of Panda Security 2014 products before hft131306s24_r1 allows local users to gain privileges via a crafted argument to a 0x222008 IOCTL call. Desbordamiento de buffer basado en memoria dinámica en el controlador del modo de kernel PavTPK.sys de los productos Panda Security 2014 anterior a hft131306s24_r1 permite a usuarios locales ganar privilegios a través de un argumento manipulado en una llamada IOCTL 0x222008. • http://packetstormsecurity.com/files/127948/Panda-Security-2014-Privilege-Escalation.html http://seclists.org/fulldisclosure/2014/Aug/53 http://www.securityfocus.com/archive/1/533182/100/0/threaded http://www.securityfocus.com/bid/69293 https://exchange.xforce.ibmcloud.com/vulnerabilities/95382 https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5307 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2014-3450
https://notcve.org/view.php?id=CVE-2014-3450
Unspecified vulnerability in Panda Gold Protection and Global Protection 2014 7.01.01 and earlier, Internet Security 2014 19.01.01 and earlier, and AV Pro 2014 13.01.01 and earlier allows local users to gain privileges via unspecified vectors. Vulnerabilidad no especificada en Panda Gold Protection y Global Protection 2014 7.01.01 y anteriores, Internet Security 2014 19.01.01 y anteriores y AV Pro 2014 13.01.01 y anteriores permite a usuarios locales ganar privilegios a través de vectores no especificados. • http://seclists.org/fulldisclosure/2014/May/89 http://www.securityfocus.com/archive/1/532163/100/0/threaded http://www.securityfocus.com/bid/67527 •