Описание
Heap-based buffer overflow in the Avast virtualization driver (aswSnx.sys) in Avast Internet Security, Pro Antivirus, Premier, and Free Antivirus before 11.1.2253 allows local users to gain privileges via a Unicode file path in an IOCTL request.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Exploit
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 11.1.2245 (включая)Версия до 11.1.2245 (включая)Версия до 11.1.2245 (включая)Версия до 11.1.2245 (включая)
Одно из
cpe:2.3:a:avast:avast_free_antivirus:*:*:*:*:*:*:*:*
cpe:2.3:a:avast:avast_internet_security:*:*:*:*:*:*:*:*
cpe:2.3:a:avast:avast_premier:*:*:*:*:*:*:*:*
cpe:2.3:a:avast:avast_pro_antivirus:*:*:*:*:*:*:*:*
EPSS
Процентиль: 26%
0.00089
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
Heap-based buffer overflow in the Avast virtualization driver (aswSnx.sys) in Avast Internet Security, Pro Antivirus, Premier, and Free Antivirus before 11.1.2253 allows local users to gain privileges via a Unicode file path in an IOCTL request.
EPSS
Процентиль: 26%
0.00089
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-119