High severity7.8NVD Advisory· Published May 13, 2008· Updated Jun 16, 2026
CVE-2008-0322
CVE-2008-0322
Description
The I2O Utility Filter driver (i2omgmt.sys) 5.1.2600.2180 for Microsoft Windows XP sets Everyone/Write permissions for the "\\.\I2OExc" device interface, which allows local users to gain privileges. NOTE: this issue can be leveraged to overwrite arbitrary memory and execute code via an IOCTL call with a crafted DeviceObject pointer.
Affected products
3cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*
- (no CPE)range: 5.1.2600.2180
- Range: 5.1.2600.2180
Patches
Vulnerability mechanics
References
6- labs.idefense.com/intelligence/vulnerabilities/display.phpnvdBroken LinkPatch
- secunia.com/advisories/30203nvdBroken LinkPatchVendor Advisory
- www.securityfocus.com/bid/29171nvdBroken LinkPatchThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/42358nvdThird Party AdvisoryVDB Entry
- www.vupen.com/english/advisories/2008/1476/referencesnvdPermissions Required
News mentions
0No linked articles in our index yet.