CVE-2014-8956
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
12/12/2014
Last modified:
12/04/2025
Description
Stack-based buffer overflow in the K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via unspecified vectors.
Impact
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:k7computing:k7av_sentry_device_driver:*:*:*:*:*:*:*:* | 12.8.0.118 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://packetstormsecurity.com/files/129472/K7-Computing-Multiple-Products-K7Sentry.sys-Out-Of-Bounds-Write.html
- http://seclists.org/fulldisclosure/2014/Dec/46
- https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8956/
- http://packetstormsecurity.com/files/129472/K7-Computing-Multiple-Products-K7Sentry.sys-Out-Of-Bounds-Write.html
- http://seclists.org/fulldisclosure/2014/Dec/46
- https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-8956/