CVE-2007-4315
 
Severity Score
6.9
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecified vectors, as demonstrated by "Purple Pill".
El controlador AMD ATI atidsmxx.sys 3.0.502.0 en Windows Vista permite a usuarios locales evitar la polĂtica de firma del controlador, escribir en zonas de memoria del nĂșcleo, y de ese modo obtener privilegios mediante vectores no especificados, como ha sido demostrado por "Purple Pill".
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-08-13 CVE Reserved
- 2007-08-13 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
http://blogs.zdnet.com/security/?p=427 | X_refsource_misc | |
http://blogs.zdnet.com/security/?p=438 | X_refsource_misc | |
http://secunia.com/advisories/26448 | Third Party Advisory | |
http://www.securityfocus.com/bid/25265 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Amd Search vendor "Amd" | Catalyst Driver Search vendor "Amd" for product "Catalyst Driver" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | - |
Safe
|
Ati Search vendor "Ati" | Catalyst Driver Search vendor "Ati" for product "Catalyst Driver" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | - |
Safe
|