CVE-2007-3681

Description

The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters.

References

https://www.exploit-db.com/exploits/4165

https://exchange.xforce.ibmcloud.com/vulnerabilities/35309

http://www.winpcap.org/misc/changelog.htm

http://www.vupen.com/english/advisories/2007/2468

http://www.securityfocus.com/bid/24829

http://www.securityfocus.com/archive/1/473301/100/0/threaded

http://www.securityfocus.com/archive/1/473297/100/0/threaded

http://www.securityfocus.com/archive/1/473270/100/0/threaded

http://securitytracker.com/id?1018350

http://secunia.com/advisories/25982

http://osvdb.org/37889

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3