7.2
CVE-2010-0705
- EPSS 0.21%
- Published 25.02.2010 18:30:00
- Last modified 11.04.2025 00:51:21
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption.
Data is provided by the National Vulnerability Database (NVD)
Avast ≫ Avast Antivirus Home Editionwindows Version <= 5.0.396.0
Avast ≫ Avast Antivirus Home Version4.8.1169 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1195 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1201 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1227 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1229 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1282 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1290 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1296 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1335 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1351 Editionwindows
Avast ≫ Avast Antivirus Home Version4.8.1368.0 Editionwindows
Avast ≫ Avast Antivirus Professional Editionwindows Version <= 5.0.396.0
Avast ≫ Avast Antivirus Professional Version4.8.1169 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1195 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1201 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1227 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1229 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1282 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1290 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1296 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1335 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1351 Editionwindows
Avast ≫ Avast Antivirus Professional Version4.8.1356.0
Avast ≫ Avast Antivirus Professional Version4.8.1368.0 Editionwindows
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.433 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.