Vulnerability Description
The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecified vectors, as demonstrated by "Purple Pill".
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amd | Catalyst Driver | All versions |
| Ati | Catalyst Driver | All versions |
| Microsoft | Windows Vista | All versions |
Related Weaknesses (CWE)
References
- http://blogs.zdnet.com/security/?p=427
- http://blogs.zdnet.com/security/?p=438
- http://secunia.com/advisories/26448
- http://www.securityfocus.com/bid/25265
- http://blogs.zdnet.com/security/?p=427
- http://blogs.zdnet.com/security/?p=438
- http://secunia.com/advisories/26448
- http://www.securityfocus.com/bid/25265
FAQ
What is CVE-2007-4315?
CVE-2007-4315 is a vulnerability with a CVSS score of 6.9 (MEDIUM). The AMD ATI atidsmxx.sys 3.0.502.0 driver on Windows Vista allows local users to bypass the driver signing policy, write to arbitrary kernel memory locations, and thereby gain privileges via unspecifi...
How severe is CVE-2007-4315?
CVE-2007-4315 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4315?
Check the references section above for vendor advisories and patch information. Affected products include: Amd Catalyst Driver, Ati Catalyst Driver, Microsoft Windows Vista.