1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Home
  2. Security
  3. Security Lab
  4. Latest Threats
  5. Vulnerability Descriptions
  6. SA27285

Macrovision SafeDisc secdrv.sys Privilege Escalation

Report ID: SA27285
Source: Secunia
Date of Discovery: 23.10.2007
Criticality: Urgent
Affects:
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Macrovision SafeDisc 4.x
Compromise From: Local system
Compromise Type: Privilege escalation

Summary

A vulnerability has been reported in Macrovision SafeDisc, which can be exploited by malicious, local users to gain escalated privileges.

Detailed Description

A vulnerability has been reported in Macrovision SafeDisc, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to an input validation error within secdrv.sys when handling arguments passed to certain IOCTL handlers. This can be exploited to e.g. overwrite arbitrary kernel memory and execute arbitrary code with SYSTEM privileges.

The vulnerability is reported in secdrv.sys installed by default in Windows XP and Windows 2003.

Solution

Grant only trusted users access to the system.

CVE Reference

CVE-2007-5587