exploitDog

CVE-2018-12572

Опубликовано: 21 мар. 2019

Источник: nvd

CVSS3: 7.8

CVSS2: 2.1

EPSS Низкий

Описание

Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.

Ссылки

http://packetstormsecurity.com/files/151590/Avast-Anti-Virus-Local-Credential-Disclosure.html
Exploit
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/151590/Avast-Anti-Virus-Local-Credential-Disclosure.html
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:avast:free_antivirus:*:*:*:*:*:*:*:*

Версия до 19.1.2360 (исключая)

EPSS

Процентиль: 10%

0.00034

Низкий

7.8 High

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-312

Связанные уязвимости

GHSA-mxrp-w3c8-g53w

CVSS3: 7.8

github

больше 3 лет назад

Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.

EPSS

Процентиль: 10%

0.00034

Низкий

7.8 High

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-312