3 results (0.035 seconds)

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

Multiple integer overflows in TrueCrypt 7.1a allow local users to (1) obtain sensitive information via vectors involving a crafted item->OriginalLength value in the MainThreadProc function in EncryptedIoQueue.c or (2) cause a denial of service (memory consumption) via vectors involving large StartingOffset and Length values in the ProcessVolumeDeviceControlIrp function in Ntdriver.c. Múltiples desbordamientos de enteros en TrueCrypt 7.1a permiten que usuarios locales (1) obtengan información sensible mediante vectores relacionados con un valor item->OriginalLength manipulado en la función MainThreadProc en EncryptedIoQueue.c o (2) provoquen una denegación de servicio (consumo de memoria) mediante vectores relacionados con valores StartingOffset y Length grandes en la función ProcessVolumeDeviceControlIrp en Ntdriver.c. • http://www.openwall.com/lists/oss-security/2014/04/17/7 https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf • CWE-190: Integer Overflow or Wraparound CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-400: Uncontrolled Resource Consumption •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0

The ProcessVolumeDeviceControlIrp function in Ntdriver.c in TrueCrypt 7.1a allows local users to bypass access restrictions and obtain sensitive information about arbitrary files via a (1) TC_IOCTL_OPEN_TEST or (2) TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG IOCTL call. La función ProcessVolumeDeviceControlIrp en Ntdriver.c en TrueCrypt 7.1a permite que usuarios locales omitan las restricciones de acceso y obtengan información sensible sobre archivos arbitrarios mediante una llamada (1) TC_IOCTL_OPEN_TEST o (2) TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG IOCTL. • http://www.openwall.com/lists/oss-security/2014/04/17/7 https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt before 1.17-BETA, and possibly other products allows local users to execute arbitrary code with administrator privileges and conduct DLL hijacking attacks via a Trojan horse DLL in the "application directory", as demonstrated with the USP10.dll, RichEd20.dll, NTMarta.dll and SRClient.dll DLLs. Vulnerabilidad de ruta de búsqueda no confiable en el instalador para TrueCrypt 7.2 y 7.1a, VerCrypt en versiones anteriores a 1.17-BETA y posiblemente otros productos permite a usuarios locales ejecutar código arbitrario con privilegios de administrador y llevar a cabo ataques de secuestro de DLL a través de un troyano DLL en el "directorio de aplicación", como se demuestra con las DLLs USP10.dll, RichEd20.dll, NTMarta.dll y SRClient.dll. • http://seclists.org/fulldisclosure/2016/Jan/22 http://www.openwall.com/lists/oss-security/2016/01/11/1 • CWE-426: Untrusted Search Path •