 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.801111 |
| Categoría: | Buffer overflow |
| Título: | avast! Multiple Vulnerabilities (Oct 2009) - Windows |
| Resumen: | avast! AntiVirus is prone to multiple vulnerabilities. |
| Descripción: | Summary: avast! AntiVirus is prone to multiple vulnerabilities. Vulnerability Insight: - A boundary error exists in the 'aswMon2' kernel driver when processing IOCTLs. This can be exploited to cause a stack-based buffer overflow via a specially crafted 0xB2C80018 IOCTL. - An error in the 'AavmKer4.sys' kernel driver that can be exploited to corrupt memory via a specially crafted 0xB2D6000C or 0xB2D60034 IOCTL. - An unspecified error exists in the ashWsFtr.dll library which can be exploited to cause unknown impact. Vulnerability Impact: Successful exploitation will let the local attackers to cause a Denial of Service or gain escalated privileges on the victim's system. Affected Software/OS: avast! Home and Professional version prior to 4.8.1356 on Windows. Solution: Upgrade to avast! version 4.8.1356 or later. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-3522 BugTraq ID: 36507 http://www.securityfocus.com/bid/36507 Bugtraq: 20090923 Avast aswMon2.sys kernel memory corruption and Local Privilege Escalation. (Google Search) http://www.securityfocus.com/archive/1/506681/100/0/threaded https://www.evilfingers.com/advisory/Advisory/Avast_aswMon2.sys_kernel_memory_corruption_and_Local_Privilege_Escalation.php http://osvdb.org/58402 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6226 http://www.securitytracker.com/id?1022940 http://secunia.com/advisories/36858 http://www.vupen.com/english/advisories/2009/2761 XForce ISS Database: avast-aswmon2-bo(53456) https://exchange.xforce.ibmcloud.com/vulnerabilities/53456 Common Vulnerability Exposure (CVE) ID: CVE-2009-3523 http://www.ntinternals.org/ntiadv0904/ntiadv0904.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6024 Common Vulnerability Exposure (CVE) ID: CVE-2009-3524 http://osvdb.org/58403 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6509 |
| Copyright | Copyright (C) 2009 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |