Macrovision SafeDisc - 'SecDRV.SYS' Method_Neither Privilege Escalation

EDB-ID:

30680




Platform:

Windows

Date:

2007-10-18


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

source: https://www.securityfocus.com/bid/26121/info

Macrovision SafeDisc is prone to a local privilege-escalation vulnerability because it fails to adequately sanitize user-supplied input.

Exploiting this vulnerability allows local attackers to execute arbitrary malicious code with SYSTEM-level privileges, facilitating the complete compromise of affected computers.

UPDATE: This issue affects only Microsoft Windows XP and 2003 platforms. Microsoft Vista is not affected. 

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/30680.zip