CyberSec.Space Logo
CVEブラウザに戻る

CVE-2008-4589

HIGH
7.2
CVSS Severity Score
EPSS Score0.1900%
EPSS Percentile18.13th
Published2008年10月15日
Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo Rescue and Recovery 4.20, including 4.20.0511 and 4.20.0512, allows local users to execute arbitrary code via a long file name.

Affected Platforms (CPE)

📦
Lenovo

Resuce And Recovery

= 4.20
📦
Lenovo

Resuce And Recovery

= 4.20.0511
📦
Lenovo

Resuce And Recovery

= 4.20.0512

References & Advisories

🔗 http://secunia.com/advisories/32252
🔗 http://securityreason.com/securityalert/4421
🔗 http://www-307.ibm.com/pc/support/site.wss/MIGR-4Q2QAK.html
🔗 http://www-307.ibm.com/pc/support/site.wss/MIGR-70699.html
🔗 http://www.isecpartners.com/advisories/2008-02-lenovornr.txt
🔗 http://www.securityfocus.com/archive/1/497277/100/0/threaded
🔗 http://www.securityfocus.com/bid/31737
🔗 http://www.securitytracker.com/id?1021041

関連する脆弱性情報

CVE-2008-535310.0

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and...

CVE-2008-535510.0

The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 1...

CVE-2008-665110.0

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP c...

CVE-2008-461510.0

Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.