CVE-2018-3970
First published: Thu Oct 25 2018(Updated: )
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sophos HitmanPro.Alert | =3.7.6.744 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2018-3970.
What is the severity of CVE-2018-3970?
The severity of CVE-2018-3970 is medium (5.5).
How does CVE-2018-3970 affect Sophos HitmanPro.Alert?
CVE-2018-3970 affects Sophos HitmanPro.Alert version 3.7.6.744.
What is the impact of CVE-2018-3970?
CVE-2018-3970 allows an attacker to disclose kernel memory through a specially crafted IRP request.
How can I fix CVE-2018-3970?
To fix CVE-2018-3970, update to the latest version of Sophos HitmanPro.Alert.
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/sophos
- canonical/sophos hitmanpro.alert
- version/sophos hitmanpro.alert/3.7.6.744