Windows Macrovision (SECDRV.SYS) Memory Corruption Exploit

This module exploits a vulnerability in Windows XP when the 0xCA002813 function is invoked with a specially crafted parameter. The IOCTL 0xCA002813 handler in the SECDRV.SYS device driver in Macrovision products, installed by default in Windows XP and Windows 2003, allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters.
Exploit type: 
Vulnerabilty ID: 
Released Date: 
Thursday, October 18, 2007 - 19:00