Posted by Portcullis Advisories on Dec 10

Vulnerability title: Privilege Escalation In K7 Computing Multiple Products [K7Sentry.sys]
CVE: CVE-2014-8956
Vendor: K7 Computing
Product: Multiple Products [K7Sentry.sys]
Affected version: 12.8.0.110
Fixed version: 12.8.0.119
Reported by: Kyriakos Economou
Details:

Latest, and possibly earlier versions of K7Sentry.sys kernel mode driver, also named as the ‘K7AV Sentry DeviceDriver’,
suffers from a Out-of-bounds Write condition that…