SecureOL VE2 1.05.1008 does not properly restrict public access to physical memory, which allows local users to bypass intended restrictions and gain access to the secured environment via direct access to the PhysicalMemory device.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ve2 | Secureol | 1.05.1008 (including) | 1.05.1008 (including) |
References
- http://cybermessageboard.xeran.com/secureol/viewtopic.php?t=26
- http://marc.info/?l=bugtraq\u0026m=112610983428771\u0026w=2
- http://secunia.com/advisories/16739/
- http://www.securityfocus.com/bid/14768
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22205
- http://cybermessageboard.xeran.com/secureol/viewtopic.php?t=26
- http://marc.info/?l=bugtraq\u0026m=112610983428771\u0026w=2
- http://secunia.com/advisories/16739/
- http://www.securityfocus.com/bid/14768
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22205