CVE-2019-9729

Published: Mar 12, 2019Modified: Nov 21, 2024

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating the IOCtl 0x8000c01c input value, leading to an integer signedness error and a heap-based buffer underflow.

Affected (1)

Products: Shanda: Maplestory Online

Shanda

1 product

Maplestory Online

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Shanda Maplestory Online	Version 160.0

Related CWEs

CWE-129

Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.