49%
39%
115%
The cbstream.sys driver in Carbon Black 5.1.1.60603 allows local users with admin privileges to cause a denial of service (out-of-bounds read and system crash) via a large counter value in an 0x62430028 IOCTL call.
The cbstream.sys driver in Carbon Black 5.1.1.60603 allows local users with admin privileges to cause a denial of service (out-of-bounds read and system crash) via a large counter value in an 0x62430028 IOCTL call.
CVSS 3.0 Base Score 4.4. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVSS 2.0 Base Score 4.9. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:C).
In the following code, the method retrieves a value from an array at a specific array index location that is given as an input parameter to the method
}
return value;// check that the array index is less than the maximum// length of the array
value = array[index];// get the value at the specified index of the array// if array index is invalid then output error message// and return value indicating errorvalue = -1;However, this method only verifies that the given array index is less than the maximum length of the array but does not check for the minimum value (CWE-839). This will allow a negative value to be accepted as the input array index, which will result in a out of bounds read (CWE-125) and may allow access to sensitive memory. The input array index should be checked to verify that is within the maximum and minimum range required for the array (CWE-129). In this example the if statement should be modified to include a minimum range check, as shown below.
...// check that the array index is within the correct// range of values for the arrayExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.
If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.