exploitDog

CVE-2018-6206

Опубликовано: 25 янв. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 6.1

EPSS Низкий

Описание

In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220011.

Ссылки

https://github.com/ZhiyuanWang-Chengdu-Qihoo360/MaxSecureAntivirus_POC/tree/master/MaxProtector32_0x220011
Exploit
Third Party Advisory
https://github.com/ZhiyuanWang-Chengdu-Qihoo360/MaxSecureAntivirus_POC/tree/master/MaxProtector32_0x220011
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:maxpcsecure:anti_virus:19.0.3.019:*:*:*:*:*:*:*

EPSS

Процентиль: 11%

0.00039

Низкий

7.8 High

CVSS3

6.1 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-22mx-4vrq-5mfr

CVSS3: 7.8

github

около 3 лет назад

In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220011.

EPSS

Процентиль: 11%

0.00039

Низкий

7.8 High

CVSS3

6.1 Medium

CVSS2

Дефекты

CWE-20