CVE-2017-17429

In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:k7computing:total_security:*:*:*:*:*:*:*:*
cpe:2.3:a:k7computing:antivirus:*:*:*:*:plus:*:*:*
cpe:2.3:a:k7computing:total_security:*:*:*:*:plus:*:*:*
cpe:2.3:a:k7computing:internet_security:*:*:*:*:*:*:*:*
cpe:2.3:a:k7computing:ultimate_security:*:*:*:*:*:*:*:*
cpe:2.3:a:k7computing:endpoint:*:*:*:*:*:*:*:*
cpe:2.3:a:k7computing:antivirus:*:*:*:*:premium:*:*:*

Information

Published : 2018-01-16 11:29

Updated : 2019-10-02 17:03


NVD link : CVE-2017-17429

Mitre link : CVE-2017-17429


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

k7computing

  • total_security
  • endpoint
  • ultimate_security
  • antivirus
  • internet_security