CVE-2015-1438: Buffer Overflow
First published: Tue Jul 25 2017(Updated: )
Heap-based buffer overflow in Panda Security Kernel Memory Access Driver 1.0.0.13 allows attackers to execute arbitrary code with kernel privileges via a crafted size input for allocated kernel paged pool and allocated non-paged pool buffers.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Panda Security Panda Antivirus Pro 2015 | =1.0.0.13 | |
| Panda Security Panda Global Protection 2015 | =1.0.0.13 | |
| Panda Security Panda Gold Protection 2015 | =1.0.0.13 | |
| Panda Security Panda Internet Security 2015 | =1.0.0.13 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/132682/Panda-Security-1.0.0.13-Arbitrary-Code-Execution.html
- http://seclists.org/fulldisclosure/2015/Jul/42
- http://seclists.org/fulldisclosure/2015/Jul/61
- http://www.securityfocus.com/bid/75715
- https://tools.cisco.com/security/center/viewAlert.x?alertId=39908
- https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-1438/
- collector/nvd-index
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/event
- agent/description
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- vendor/panda security
- canonical/panda security panda antivirus pro 2015
- version/panda security panda antivirus pro 2015/1.0.0.13
- canonical/panda security panda global protection 2015
- version/panda security panda global protection 2015/1.0.0.13
- canonical/panda security panda gold protection 2015
- version/panda security panda gold protection 2015/1.0.0.13
- canonical/panda security panda internet security 2015
- version/panda security panda internet security 2015/1.0.0.13