CVE-2016-3986

Опубликовано: 12 апр. 2016

Источник: nvd

CVSS3: 7.8

CVSS2: 9.3

EPSS Низкий

Описание

Avast allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted PE file, related to authenticode parsing.

Ссылки

http://packetstormsecurity.com/files/136090/Avast-Authenticode-Parsing-Memory-Corruption.html
Exploit
https://code.google.com/p/google-security-research/issues/detail?id=668
https://www.exploit-db.com/exploits/39530/
Exploit
http://packetstormsecurity.com/files/136090/Avast-Authenticode-Parsing-Memory-Corruption.html
Exploit
https://code.google.com/p/google-security-research/issues/detail?id=668
https://www.exploit-db.com/exploits/39530/
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:avast:avast:-:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03378

Низкий

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-jc57-w94j-r793