7.2

CVE-2009-3522

Exploit
Stack-based buffer overflow in aswMon2.sys in avast! Home and Professional for Windows 4.8.1351, and possibly other versions before 4.8.1356, allows local users to cause a denial of service (system crash) and possibly gain privileges via a crafted IOCTL request to IOCTL 0xb2c80018.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AvastAvast Antivirus Home Version4.8.1351 Editionwindows
AvastAvast Antivirus Professional Version4.8.1351 Editionwindows
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.95% 0.565
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.avast.com/eng/avast-4-home_pro-revision-history.html
Vendor Advisory
http://osvdb.org/58402
http://secunia.com/advisories/36858
Vendor Advisory
http://www.securityfocus.com/archive/1/506681/100/0/threaded
http://www.securityfocus.com/bid/36507
Exploit
http://www.securitytracker.com/id?1022940
http://www.vupen.com/english/advisories/2009/2761
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/53456
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6226
https://www.evilfingers.com/advisory/Advisory/Avast_aswMon2.sys_kernel_memory_corruption_and_Local_Privilege_Escalation.php
Exploit