CVE-2018-3970

An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability.
References
Link Resource
http://www.securityfocus.com/bid/105743 Broken Link Third Party Advisory VDB Entry
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0635 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:sophos:hitmanpro.alert:3.7.6.744:*:*:*:*:*:*:*

History

02 Feb 2023, 13:47

Type Values Removed Values Added
References (BID) http://www.securityfocus.com/bid/105743 - Third Party Advisory, VDB Entry (BID) http://www.securityfocus.com/bid/105743 - Broken Link, Third Party Advisory, VDB Entry

Information

Published : 2018-10-25 18:29

Updated : 2023-12-10 12:44


NVD link : CVE-2018-3970

Mitre link : CVE-2018-3970

CVE.ORG link : CVE-2018-3970


JSON object : View

Products Affected

sophos

  • hitmanpro.alert
CWE
CWE-908

Use of Uninitialized Resource