[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Avast! Home and Professional 'aavmKer4.sys' Memory Corruption Vulnerability

ID: oval:org.mitre.oval:def:6024Date: (C)2009-11-25   (M)2022-10-10
Class: VULNERABILITYFamily: windows




aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerability than CVE-2008-1625.

Platform:
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Product:
Avast! AntiVirus
Reference:
CVE-2009-3523
CVE    1
CVE-2009-3523
CPE    7
cpe:/a:avast:avast_antivirus::windows
cpe:/o:microsoft:windows_xp::sp3:x86
cpe:/o:microsoft:windows_vista:::x86
cpe:/o:microsoft:windows_xp::sp2:x86
...

© SecPod Technologies