PT-2022-19330 · Avast · Avast Premium Security

Published

2022-05-20

Updated

2022-06-02

CVE-2022-28964

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions Avast Premium Security versions prior to 21.11.2500

Description The issue allows attackers to cause a Denial of Service (DoS) via a crafted DLL file. This is due to an arbitrary file write vulnerability.

Recommendations For versions prior to 21.11.2500, update to version 21.11.2500 or later to resolve the issue. As a temporary workaround, consider restricting the use of crafted DLL files to minimize the risk of exploitation.

Exploit

Fix

Untrusted Search Path

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-426

Related Identifiers

CVE-2022-28964

Affected Products

Avast Premium Security

PT-2022-19330 · Avast · Avast Premium Security

CVE-2022-28964

Weakness Enumeration

Related Identifiers

Affected Products

References · 6