CVE-2018-9063

N/A

MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as execution of arbitrary code. No additional privilege is granted to the attacker beyond what is already possessed to run MapDrv.

N/A

N/A

Lenovo System Update 缓冲区错误漏洞

Lenovo System Update是中国联想（Lenovo）公司的一套系统自动更新工具，它包括设备驱动更新、Windows系统补丁更新等。 Lenovo System Update 5.07.0072之前版本中的MapDrv(C:\Program Files\Lenovo\System Update\mapdrv.exe)存在缓冲区溢出漏洞。攻击者可通过输入较大的用户ID或密码利用该漏洞执行任意代码或其他操作。

N/A

N/A