+7 (495) 967-14-51 

 Contacts   Sitemap  
Language:  Russian English     Search: 
 
Main page  →  Support  →  Useful information  →  Known vulnerabilities
Technical Support
Submit Support Request
Useful information
Host Intrusion Prevention System (HIPS)
Whitelisting
Application Integrity Control
Application protection
Windows Startup / Registry Protection
Online banking security
Known vulnerabilities

News

RSS

 

Known vulnerabilities

As any other software, the SafeíNíSec Corporation products can have software bugs. Some of them can be exploited by an attacker to perform unauthorized actions within a computer system. Such bugs are known as software vulnerabilities.


Code* Description Are there known exploits or incidents? Affected components and products What to do?
SNSVE-2018-1
CVE-2018-5718
Due to a bug (improper restriction of write operations within the bounds of a memory buffer) in DLL-controlling code in the driver snscore.sys, it is possible to a local user to write data in kernel-mode memory. It can cause a BSOD (reproduces in our lab) or arbitrary modification of kernel-mode code or data (not reproduced in our lab but is theoretically possible). To exploit this vulnerability the attacker can create a special DLL and load it into a user-mode process. No SoftControl/SafenSoft SysWatch before 4.4.1, SoftControl/SafenSoft TPSecure before 4.4.1, SoftControl/SafenSoft Enterprise Suite before 4.4.1 Update your product to version 4.4.X or above

* Internal code of SafeíNíSec Corporation (prefix SNSVE) and/or code in public base of vulnerabilities on cve.mitre.org (prefix CVE).



Print this page

 

Computer security: Information security solutions | Host Intrusion Prevention System (HIPS) | Endpoint protection | The best virus protection | Whitelisting | Application Integrity Control | Comprehensive Malware Protection | Application protection | Windows Startup / Registry Protection | Online banking security | Online payment protection | Data leakage prevention (DLP) | Information security in medicine
2009-2018, SafeíNíSec Corporation. Privacy policy