CVE-2010-2308

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2010-2308
Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function.

7.2 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://dvlabs.tippingpoint.com/advisory/TPTI-10-03
http://secunia.com/advisories/40085 Vendor Advisory
http://www.securityfocus.com/archive/1/511773/100/0/threaded
http://www.securitytracker.com/id?1024089
http://www.sophos.com/support/knowledgebase/article/111126.html Vendor Advisory
http://www.vupen.com/english/advisories/2010/1412 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sophos:anti-virus:*:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.4.6:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.78:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.78d:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.79:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.80:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.81:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.82:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.83:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.84:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.85:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.86:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.90:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.91:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.95:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.96.0:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.03:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.33.0:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:6.5:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:7.0:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:7.0.5:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:7.6:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:7.6.14:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:7.6.15:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:7.6.16:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:7.6.17:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:7.6.18:*:*:*:*:*:*:*
History

No history.

Information

Published : 2010-06-16 20:30

Updated : 2023-12-10 11:03

NVD link : CVE-2010-2308

Mitre link : CVE-2010-2308

CVE.ORG link : CVE-2010-2308

JSON object : View

Products Affected

sophos

  • anti-virus
CWE
NVD-CWE-noinfo