PT-2015-3026 · Avg · Avg Internet Security

Published

2015-12-16

Updated

2016-11-28

CVE-2015-8578

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions AVG Internet Security version 2015

Description The issue allows attackers to bypass the DEP and ASLR protection mechanisms. This is due to the allocation of memory with Read, Write, Execute (RWX) permissions at predictable addresses when protecting user-mode processes. The exploitation of this issue may enable a remote attacker to bypass the protection mechanisms.

Recommendations For AVG Internet Security version 2015, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

BDU:2016-00231

CVE-2015-8578

Affected Products

Avg Internet Security

PT-2015-3026 · Avg · Avg Internet Security

CVE-2015-8578

Weakness Enumeration

Related Identifiers

Affected Products

References · 6