Posted by Portcullis Advisories on Dec 10
Vulnerability title: Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys]
CVE: CVE-2014-7136
Vendor: K7 Computing
Product: Multiple Products [K7FWFilt.sys]
Affected version: Earlier and including 11.0.1.5
Fixed version: 14.0.1.16
Reported by: Kyriakos Economou
Details:
Latest, and possibly earlier versions of K7FWFilt.sys kernel mode driver, also named as the ‘K7Firewall Packet Driver’,
suffers from a heap overflow…