CVE-2007-4315
First published: Mon Aug 13 2007(Updated: )
The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecified vectors, as demonstrated by "Purple Pill".
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| AMD Catalyst Driver | ||
| AMD Catalyst Driver | ||
| Microsoft Windows Vista |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2007-4315?
CVE-2007-4315 has a medium severity rating due to its ability to allow local users to escalate privileges.
How do I fix CVE-2007-4315?
To mitigate CVE-2007-4315, update to a newer version of the AMD Catalyst Driver that addresses this vulnerability.
Who is affected by CVE-2007-4315?
Users running the AMD ATI atidsmxx.sys driver version 3.0.502.0 on Windows Vista are affected by CVE-2007-4315.
What can an attacker achieve with CVE-2007-4315?
An attacker can bypass driver signing policy and write to arbitrary kernel memory, potentially gaining elevated privileges.
Is CVE-2007-4315 specific to any version of Windows?
Yes, CVE-2007-4315 specifically affects the Windows Vista operating system.
- collector/nvd-historical
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/amd
- canonical/amd catalyst driver
- vendor/ati
- vendor/microsoft
- canonical/microsoft windows vista