7.2
CVE-2010-0705
- EPSS 0.21%
- Veröffentlicht 25.02.2010 18:30:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Avast ≫ Avast Antivirus Home Editionwindows Version <= 5.0.396.0
Avast ≫ Avast Antivirus Home Version4.8.1169 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1195 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1201 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1227 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1229 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1282 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1290 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1296 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1335 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1351 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1368.0 Editionwindows
Avast ≫ Avast Antivirus Professional Editionwindows Version <= 5.0.396.0
Avast ≫ Avast Antivirus Professional Version4.8.1169 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1195 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1201 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1227 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1229 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1282 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1290 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1296 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1335 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1351 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1356.0
Avast ≫ Avast Antivirus Professional Version4.8.1368.0 Editionwindows
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.433 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.