PT-2015-4314 · Avg · Avgtdix.Sys+2

Publicado

2015-02-06

Atualizado

2019-02-01

CVE-2014-9632

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions AVG Internet Security versions prior to 2013.3495 Hot Fix 18 AVG Internet Security versions 2015.x prior to 2015.5315 AVG Protection versions prior to 2015.5315

Description The issue allows local users to gain privileges by writing to arbitrary memory locations via a crafted 0x830020f8 IOCTL call to the TDI driver (avgtdix.sys).

Recommendations For AVG Internet Security versions prior to 2013.3495 Hot Fix 18, update to version 2013.3495 Hot Fix 18 or later. For AVG Internet Security versions 2015.x prior to 2015.5315, update to version 2015.5315 or later. For AVG Protection versions prior to 2015.5315, update to version 2015.5315 or later.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2014-9632

Produtos afetados

Avg Internet Security

Avg Protection

Avgtdix.Sys

PT-2015-4314 · Avg · Avgtdix.Sys+2

CVE-2014-9632

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7