CVE-2014-9642

bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call.

Published: Feb 6, 2015
Updated: Apr 13, 2023
CVE: CVE-2014-9642
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
bullguard / bdagent.sys	-	1.0.0.6.x
bullguard / internet_security	-	14.1.287.x
bullguard / online_backup	-	14.1.287.x
bullguard / premium_protection	-	14.1.287.x

http://packetstormsecurity.com/files/130247/BullGuard-14.1.285.4-Privilege-Escalation.html
http://www.bullguard.com/about/release-notes.aspx
http://www.exploit-db.com/exploits/35994
http://www.greyhathacker.net/?p=818
http://www.osvdb.org/114478

Vulnerability Database

289,697

CVE-2014-9642