Vulnerability Name:

CVE-2007-4315 (CCN-36041)

Assigned:2007-08-05
Published:2007-08-05
Updated:2012-10-18
Summary:The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecified vectors, as demonstrated by "Purple Pill".
CVSS v3 Severity:8.1 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
5.6 Medium (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.2 Medium (CCN CVSS v2 Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-264
Vulnerability Consequences:Gain Privileges
References:Source: CCN
Type: AMD Catalyst Software Suite Web site
Catalyst™ 7.8 Display Driver for Windows Vista (32 bit)

Source: MISC
Type: UNKNOWN
http://blogs.zdnet.com/security/?p=427

Source: MISC
Type: UNKNOWN
http://blogs.zdnet.com/security/?p=438

Source: CCN
Type: Invisible Things Lab: IsGameOver(), Anyone? Blackhat 2007 Presentation
ATI Catalyst Driver atidsmxx.sys security bypass

Source: MITRE
Type: CNA
CVE-2007-4315

Source: CCN
Type: SA26448
AMD Catalyst Software Suite DSM Dynamic Driver Vista Kernel Protection Bypass

Source: SECUNIA
Type: UNKNOWN
26448

Source: CCN
Type: OSVDB ID: 39562
AMD ATI atidsmxx.sys on Windows Vista Local Privilege Escalation

Source: BID
Type: UNKNOWN
25265

Source: CCN
Type: BID-25265
AMD ATI ATIDSMXX.SYS Driver Local Privilege Escalation Vulnerability

Source: XF
Type: UNKNOWN
catalyst-atdcm64a-privilege-escalation(36041)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:amd:catalyst_driver:*:*:*:*:*:*:*:*
  • OR cpe:/a:ati:catalyst_driver:*:*:*:*:*:*:*:*
  • AND
  • cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    amd catalyst driver *
    ati catalyst driver *
    microsoft windows vista *