ID
VAR-190001-0049
TITLE
HTC HD7 'HTCUtility.dll' IOCTL Security Bypass Vulnerability
Trust: 0.9
sources:
CNVD: CNVD-2011-4922 //
BID: 50697
DESCRIPTION
HTC HD7 is a mobile phone equipped with Windows Phone platform. HTC HD7 has an error in the HTCUtility.dll driver when processing 0x9020002C IOCTL. An attacker can exploit the vulnerability to read data from any kernel memory or write data to any kernel memory. HTC HD7 is prone to a security-bypass vulnerability. This may allow the attacker to execute code in the context of kernel by bypassing security restrictions
Trust: 0.81
sources:
CNVD: CNVD-2011-4922 //
BID: 50697
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2011-4922
AFFECTED PRODUCTS
| vendor: | htc | model: | hd7 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | htc | model: | hd7 | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
CNVD: CNVD-2011-4922 //
BID: 50697
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201111-305
TYPE
Unknown
Trust: 0.3
sources:
BID: 50697
PATCH
| title: | HTC HD7 'HTCUtility.dll' IOCTL Security Bypass Vulnerability Patch | url: | https://www.cnvd.org.cn/patchinfo/show/5928 | Trust: 0.6 |
sources:
CNVD: CNVD-2011-4922
EXTERNAL IDS
| db: | BID | id: | 50697 | Trust: 1.5 |
| db: | CNVD | id: | CNVD-2011-4922 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-201111-305 | Trust: 0.6 |
sources:
CNVD: CNVD-2011-4922 //
BID: 50697 //
CNNVD: CNNVD-201111-305
REFERENCES
| url: | http://labs.mwrinfosecurity.com/files/advisories/mwri_htc-htcutility-kernmem_2011-11-10.pdfhttp | Trust: 0.6 |
| url: | http://www.securityfocus.com/bid/50697 | Trust: 0.6 |
| url: | http://www.htc.com/uk/smartphones/htc-hd7/ | Trust: 0.3 |
| url: | http://labs.mwrinfosecurity.com/files/advisories/mwri_htc-htcutility-kernmem_2011-11-10.pdf | Trust: 0.3 |
sources:
CNVD: CNVD-2011-4922 //
BID: 50697 //
CNNVD: CNNVD-201111-305
CREDITS
Alex Plaskett of MWR InfoSecurity
Trust: 0.9
sources:
BID: 50697 //
CNNVD: CNNVD-201111-305
SOURCES
| db: | CNVD | id: | CNVD-2011-4922 |
| db: | BID | id: | 50697 |
| db: | CNNVD | id: | CNNVD-201111-305 |
LAST UPDATE DATE
2022-05-17T02:00:57.791000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2011-4922 | date: | 2011-11-17T00:00:00 |
| db: | BID | id: | 50697 | date: | 2011-11-16T00:00:00 |
| db: | CNNVD | id: | CNNVD-201111-305 | date: | 2011-11-18T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2011-4922 | date: | 2011-11-17T00:00:00 |
| db: | BID | id: | 50697 | date: | 2011-11-16T00:00:00 |
| db: | CNNVD | id: | CNNVD-201111-305 | date: | 1900-01-01T00:00:00 |