Oracle Sun Solaris Kernel USB Configuration Descriptor Local Buffer Overflow Vulnerability

The Oracle Sun Solaris kernel is prone to a local stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to execute arbitrary code with superuser privileges, facilitating the complete compromise of affected computers. Failed exploit attempts will likely crash the kernel, denying service to legitimate users.

This vulnerability affects the following supported versions:
8, 9, 10, 11 Express


 

Privacy Statement
Copyright 2010, SecurityFocus