How severe is CVE-2017-14153?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2017-14153?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2017-14153

HIGH Year: 2017

CVSS v3 Score

7.8

High

CVSS v2 Score

7.2

High

Weakness Type

CWE-119

View all →

Vulnerability Description

This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824b7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel pool overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.

CVE-2007-6761

HIGH

CVSS:7.8(High)

drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobuf_mapping data structures, which allows local users to trigger an incorrect count value and videobuf...

CWE-1192007

CVE-2009-0658

HIGH

CVSS:7.8(High)

Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call an...

CWE-1192009

CVE-2009-4004

HIGH

CVSS:7.8(High)

Buffer overflow in the kvm_vcpu_ioctl_x86_setup_mce function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.32-rc7 allows local users to cause a denial of service (memory co...

CWE-1192009

CVE-2010-0036

HIGH

CVSS:7.8(High)

Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file.

CWE-1192010

CVE-2010-1816

HIGH

CVSS:7.8(High)

Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a cr...

CWE-1192010

CVE-2010-3081

HIGH

CVSS:7.8(High)

The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit...

CWE-1192010

CVE-2017-14153

Vulnerability Description

Related Vulnerabilities

CVE-2007-6761

CVE-2009-0658

CVE-2009-4004

CVE-2010-0036

CVE-2010-1816

CVE-2010-3081