J-Security Center

Title: GEAR Software CD DVD Filter Driver 'GEARAspiWDM.sys' Local Privilege Escalation Vulnerability

Severity: HIGH

Description:

GEAR Software CD DVD Filter driver ('GEARAspiWDM.sys') is a device driver that filters and records data onto a DVD or CD. The driver is included in various applications.

'GEARAspiWDM.sys' is prone to a local privilege-escalation vulnerability because it fails to restrict the number of times a user can invoke the Windows kernel function 'IoAttachDevice' from a user-space application. If an attacker invokes 'IoAttachDevice' several times, an integer overflow will occur, allowing the attacker to execute arbitrary code with SYSTEM-level privileges.

Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will cause a denial-of-service condition.

GEAR Software CD DVD filter driver is used by the following products:

Apple iTunes prior to 8.0
Norton 360 2.0 and prior
Norton Ghost 14 and prior
Norton Save and Restore 2.0 and prior
Backup Exec System Recovery 6, 7, and 8
Symantec LiveState Recovery

NOTE: This BID was previously titled 'Apple iTunes Third Party Driver Local Privilege Escalation Vulnerability', but new information has allowed us to update the BID to better reflect the root cause of the issue.

Affected Products:

  • Apple iTunes 6.0.0
  • Apple iTunes 6.0.1
  • Apple iTunes 6.0.2
  • Apple iTunes 6.0.3
  • Apple iTunes 6.0.4
  • Apple iTunes 6.0.5
  • Apple iTunes 7.0.2
  • Apple iTunes 7.3.0
  • Apple iTunes 7.3.1
  • Apple iTunes 7.3.2
  • Apple iTunes 7.4
  • GEAR Software GEAR Driver
  • Symantec Backup Exec System Recovery Manager 6.0
  • Symantec Backup Exec System Recovery Manager 7.0
  • Symantec Backup Exec System Recovery Manager 7.0.1
  • Symantec Backup Exec System Recovery Manager 7.0.2
  • Symantec Backup Exec System Recovery Manager 7.0.3
  • Symantec Backup Exec System Recovery Manager 7.0.4
  • Symantec Backup Exec System Recovery Manager 8.0.0
  • Symantec Backup Exec System Recovery Manager 8.0.1
  • Symantec Backup Exec System Recovery Manager 8.0.2
  • Symantec LiveState Recovery 6.0
  • Symantec LiveState Recovery 6.01
  • Symantec LiveState Recovery 6.02
  • Symantec Norton 360 1.0
  • Symantec Norton 360 2.0
  • Symantec Norton Ghost 10.0
  • Symantec Norton Ghost 10.1
  • Symantec Norton Ghost 12.0
  • Symantec Norton Ghost 13.0
  • Symantec Norton Ghost 14.0
  • Symantec Norton Save and Restore 2.0
