SHARE
CORE IMPACT v7 - Exploits Update (Fri Oct 19 2007)
Windows Macrovision (SECDRV.SYS) Memory Corruption Exploit
Exploits/Local [Windows]
• Fri Oct 19 2007
This module exploits a vulnerability in Windows XP when the 0xCA002813 function is invoked with a specially crafted parameter. The IOCTL 0xCA002813 handler in the SECDRV.SYS device driver in Macrovision products, installed by default in Windows XP and Windows 2003, allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters.
Exploits Vulnerabiltiy: CVE-9999-