Test ID:	1.3.6.1.4.1.25623.1.0.800479
Category:	Denial of Service
Title:	Avast Antivirus 'aavmker4.sys' Denial Of Service Vulnerability - Windows
Summary:	Avast AntiVirus is prone to a denial of service (DoS) vulnerability.
Description:	Summary: Avast AntiVirus is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to an error in the 'aavmker4.sys' kernel driver when processing certain IOCTLs. This can be exploited to corrupt kernel memory via a specially crafted 0xb2d60030 IOCTL. Vulnerability Impact: Successful exploitation will let the local attackers to cause a Denial of Service or gain escalated privileges on the victim's system. Affected Software/OS: Avast Antivirus Home and Professional version 4.8 to 4.8.1368.0 and avast! Home and Professional version 5.0 before 5.0.418.0 on Windows. Solution: Update to Avast Antivirus version 5.0.418 or later. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0705 BugTraq ID: 38363 http://www.securityfocus.com/bid/38363 Bugtraq: 20100223 [TKADV2010-003] avast! 4.8 and 5.0 aavmker4.sys Kernel Memory Corruption (Google Search) http://www.securityfocus.com/archive/1/509710/100/0/threaded http://www.trapkit.de/advisories/TKADV2010-003.txt http://osvdb.org/62510 http://www.securitytracker.com/id?1023644 http://secunia.com/advisories/38677 http://secunia.com/advisories/38689 http://www.vupen.com/english/advisories/2010/0449
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.