PT-2009-5814 · Avast · Avast!
Publicado
2009-10-01
·
Atualizado
2018-10-10
·
CVE-2009-3522
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
avast! Home and Professional versions 4.8.1351 through 4.8.1355
Description
A stack-based buffer overflow issue exists, allowing local users to cause a system crash and possibly gain privileges. This is achieved by sending a crafted IOCTL request to the IOCTL 0xb2c80018 endpoint.
Recommendations
For versions 4.8.1351 through 4.8.1355, update to version 4.8.1356 or later to resolve the issue. As a temporary workaround, consider restricting access to the aswMon2.sys driver to minimize the risk of exploitation.
Exploit
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Avast!