The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service (system crash) or gain privileges via a crafted IOCTL request, as demonstrated by execution of the KeSetEvent function with modified register contents.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Antivirus_2008 | Gdata | * | * |
Internetsecurity_2008 | Gdata | * | * |
Totalcare_2008 | Gdata | * | * |