Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows NDISTAPI DoS
Published:19.03.2007
Source:
SecurityVulns ID:7435
Type:local
Threat Level:
5/10
Description:During exceptions handling on \Device\NdisTapi device request handling URQL is not returned from DISPATCH level on switching to user mode, leading to crash (BSOD) with IRQL_LESS_THAN_NOT_EQUAL on accessing paged memory.
Affected:MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2007-1537 (\Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using an IRQL to acquire a spinlock on paged memory via the NdisTapiDispatch function.)
Original documentdocumentReversemode, [Reversemode Advisory] Microsoft Windows Ndistapi.sys IRQL escalation (19.03.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod