Detections
Analytics
Apple Boot Camp Support Software < 5.1 AppleMNT.sys Driver PE Header Memory Corruption
medium Nessus Plugin ID 72602
Language:
Synopsis
The remote host has a driver affected by a local memory corruption vulnerability.Description
The version of Apple Boot Camp Support Software installed on the remote host is a version prior to 5.1. As such, the AppleMNT.sys driver included in it reportedly has a bounds checking issue that can be triggered when parsing a Portable Executable (PE) file with a malformed header. A local attacker may be able to leverage this to corrupt kernel memory resulting in a system crash or arbitrary code execution with elevated privileges.Solution
Upgrade to Apple Boot Camp Support Software 5.1 or later.See Also
https://support.apple.com/en-us/HT204524
https://www.securityfocus.com/archive/1/531045/30/0/threaded
Plugin Details
Severity: Medium
ID: 72602
File Name: apple_boot_camp_drivers_5_1.nasl
Version: 1.4
Type: local
Agent: windows
Family: Windows
Published: 2/20/2014
Updated: 11/26/2019
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 4.7
Temporal Score: 3.5
Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C
CVSS Score Source: CVE-2014-1253
Vulnerability Information
CPE: cpe:/a:apple:boot_camp
Required KB Items: SMB/Boot_Camp/Installed
Exploit Ease: No known exploits are available
Patch Publication Date: 2/12/2014
Vulnerability Publication Date: 2/12/2014
Reference Information
CVE: CVE-2014-1253
BID: 65522
APPLE-SA: APPLE-SA-2014-02-11-1