CVE-2010-0705

Опубликовано: 25 фев. 2010

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption.

Ссылки

http://forum.avast.com/index.php?topic=55484.0
Vendor Advisory
http://osvdb.org/62510
http://secunia.com/advisories/38677
Vendor Advisory
http://secunia.com/advisories/38689
Vendor Advisory
http://www.securityfocus.com/archive/1/509710/100/0/threaded
http://www.securityfocus.com/bid/38363
http://www.securitytracker.com/id?1023644
http://www.trapkit.de/advisories/TKADV2010-003.txt
http://www.vupen.com/english/advisories/2010/0449
Vendor Advisory
http://forum.avast.com/index.php?topic=55484.0
Vendor Advisory
http://osvdb.org/62510
http://secunia.com/advisories/38677
Vendor Advisory
http://secunia.com/advisories/38689
Vendor Advisory
http://www.securityfocus.com/archive/1/509710/100/0/threaded
http://www.securityfocus.com/bid/38363
http://www.securitytracker.com/id?1023644
http://www.trapkit.de/advisories/TKADV2010-003.txt
http://www.vupen.com/english/advisories/2010/0449
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:avast:avast_antivirus_home:*:*:windows:*:*:*:*:*

Версия до 5.0.396.0 (включая)

cpe:2.3:a:avast:avast_antivirus_home:4.8.1169:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_home:4.8.1195:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_home:4.8.1201:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_home:4.8.1227:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_home:4.8.1229:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_home:4.8.1282:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_home:4.8.1290:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_home:4.8.1296:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_home:4.8.1335:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_home:4.8.1351:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_home:4.8.1368.0:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_professional:*:*:windows:*:*:*:*:*

Версия до 5.0.396.0 (включая)

cpe:2.3:a:avast:avast_antivirus_professional:4.8.1169:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_professional:4.8.1195:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_professional:4.8.1201:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_professional:4.8.1227:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_professional:4.8.1229:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_professional:4.8.1282:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_professional:4.8.1290:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_professional:4.8.1296:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_professional:4.8.1335:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_professional:4.8.1351:*:windows:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_professional:4.8.1356.0:*:*:*:*:*:*:*

cpe:2.3:a:avast:avast_antivirus_professional:4.8.1368.0:*:windows:*:*:*:*:*

Одно из

cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*

EPSS

Процентиль: 43%

0.00207

Низкий

7.2 High

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-pq8r-7hph-pwj2

github

почти 4 года назад