Vulnerability Description
The aries.sys driver in Sony First4Internet XCP DRM software hides any file, registry key, or process with a name that starts with "$sys$", which allows attackers to hide activities on a system that uses XCP.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sony | First4Internet Xcp Content Management | All versions |
References
- http://secunia.com/advisories/17408Vendor Advisory
- http://securitytracker.com/id?1015145
- http://www.osvdb.org/20435
- http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
- http://secunia.com/advisories/17408Vendor Advisory
- http://securitytracker.com/id?1015145
- http://www.osvdb.org/20435
- http://www.sysinternals.com/blog/2005/10/sony-rootkits-and-digital-rights.html
FAQ
What is CVE-2005-3474?
CVE-2005-3474 is a vulnerability with a CVSS score of 4.6 (MEDIUM). The aries.sys driver in Sony First4Internet XCP DRM software hides any file, registry key, or process with a name that starts with "$sys$", which allows attackers to hide activities on a system that u...
How severe is CVE-2005-3474?
CVE-2005-3474 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3474?
Check the references section above for vendor advisories and patch information. Affected products include: Sony First4Internet Xcp Content Management.