CVE-2008-0779

Published: Feb 14, 2008Modified: Apr 23, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

The fortimon.sys device driver in Fortinet FortiClient Host Security 3.0 MR5 Patch 3 and earlier does not properly initialize its DeviceExtension, which allows local users to access kernel memory and execute arbitrary code via a crafted request.

Affected (1)

Products: Fortinet: Forticlient Host Security

Fortinet

1 product

Forticlient Host Security

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Fortinet Forticlient Host Security	Up to 3.0

Related CWEs

CWE-264

References (18)

http://kc.forticare.com/default.asp?id=3618

Source: cve@mitre.org

http://secunia.com/advisories/28975

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/3660

Source: cve@mitre.org

http://www.reversemode.com/index.php?option=com_mamblog&Itemid=15&task=show&action=view&id=47&Itemid=15

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/488071/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/27776

Source: cve@mitre.org

http://www.securitytracker.com/id?1019415

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/0541/references

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/40512

Source: cve@mitre.org

http://kc.forticare.com/default.asp?id=3618