Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2008-7096

Published: Aug 27, 2009 | Modified: Aug 17, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.9 MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2008-7096
CWEhttps://cwe.mitre.org/data/definitions/264.html

Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, MGM965TW, D945GCPE, and DX38BT allows local administrators with ring 0 privileges to gain additional privileges and modify code that is running in System Management Mode, or access hypervisory memory as demonstrated at Black Hat 2008 by accessing certain remapping registers in Xen 3.3.

Affected Software

Name Vendor Start Version End Version
Bios Intel dg33bu (including) dg33bu (including)
Bios Intel dg33fb (including) dg33fb (including)
Bios Intel dg33tl (including) dg33tl (including)
Bios Intel dp35dp (including) dp35dp (including)
Bios Intel dq35jo (including) dq35jo (including)
Bios Intel dq35mp (including) dq35mp (including)
Bios Intel dx38bt (including) dx38bt (including)
Bios Intel mgm965tw (including) mgm965tw (including)

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use