CVE-2007-5587 Information

Description

Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0 as shipped in Microsoft Windows XP SP2 XP Professional x64 and x64 SP2 Server 2003 SP1 and SP2 and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL as originally discovered in the wild.

Reference

http://blog.48bits.com/?p=172 http://osvdb.org/41429 http://secunia.com/advisories/27285 http://securityreason.com/securityalert/3266 http://www.microsoft.com/technet/security/advisory/944653.mspx http://www.reversemode.com/index.php?option=com_mamblog&Itemid=15&task=show&action=view&id=43&Itemid=15 http://www.securityfocus.com/archive/1/482474/100/0/threaded http://www.securityfocus.com/archive/1/482482/100/0/threaded http://www.securityfocus.com/archive/1/485268/100/0/threaded http://www.securityfocus.com/bid/26121 http://www.securitytracker.com/id?1018833 http://www.symantec.com/enterprise/security_response/weblog/2007/10/privilege_escalation_exploit_i.html http://www.us-cert.gov/cas/techalerts/TA07-345A.html http://www.vupen.com/english/advisories/2007/3537 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-067 https://exchange.xforce.ibmcloud.com/vulnerabilities/37284 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A4584