Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. Because the leak occurs at the driver level, an attacker can use this vulnerability to leak some critical information about the machine such as nt!ExpPoolQuotaCookie.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sophos HitmanPro.Alert solution和Sophos Clean SurfRight HitmanPro 安全漏洞
Vulnerability Description
Sophos HitmanPro.Alert solution和Sophos Clean都是英国Sophos公司的病毒防护软件。SurfRight HitmanPro是其中的一个恶意软件扫描工具。 Sophos HitmanPro.Alert solution和Sophos Clean中的SurfRight HitmanPro 3.7.20 Build 286之前的版本存在安全漏洞。攻击者可借助带有0x22E1C0代码的IOCTL利用该漏洞泄露内存数据。
CVSS Information
N/A
Vulnerability Type
N/A