Thursday, October 25, 2018

Vulnerability Spotlight: TALOS-2018-0635/0636 – Sophos HitmanPro.Alert memory disclosure and code execution vulnerabilities


Threat Research

Vulnerability Spotlight: TALOS-2018-0635/0636 – Sophos HitmanPro.Alert memory disclosure and code execution vulnerabilities

Overview

Cisco Talos is disclosing two vulnerabilities in Sophos HitmanPro.Alert, a malware detection and protection tool. Both vulnerabilities lie in the input/output control (IOCTL) message handler. One could allow an attacker to read kernel memory contents, while the other allows code execution and privilege escalation.

<<READ MORE>>

Tags:



from Cisco Blog » Security https://ift.tt/2PhNttB
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)