6.9

CVE-2008-7096

EPSS 0.06%
Veröffentlicht 27.08.2009 20:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, MGM965TW, D945GCPE, and DX38BT allows local administrators with ring 0 privileges to gain additional privileges and modify code that is running in System Management Mode, or access hypervisory memory as demonstrated at Black Hat 2008 by accessing certain remapping registers in Xen 3.3.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Intel ≫ Bios Versiondg33bu

Intel ≫ Bios Versiondg33fb

Intel ≫ Bios Versiondg33tl

Intel ≫ Bios Versiondp35dp

Intel ≫ Bios Versiondq35jo

Intel ≫ Bios Versiondq35mp

Intel ≫ Bios Versiondx38bt

Intel ≫ Bios Versionmgm965tw

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.158

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

http://invisiblethingslab.com/bh08/part2-full.pdf

http://osvdb.org/49901

http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00017&languageid=en-fr

Patch

Vendor Advisory

http://theinvisiblethings.blogspot.com/2008/08/attacking-xen-domu-vs-dom0.html

http://theinvisiblethings.blogspot.com/2008/08/intel-patches-q35-bug.html

http://www.securityfocus.com/bid/30823

https://exchange.xforce.ibmcloud.com/vulnerabilities/44676

https://nvd.nist.gov/vuln/detail/CVE-2008-7096

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-7096

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-7096

EUVD