CVE-2022-4291 – Aswjsflt.dll in Avast Antivirus windows caused a crash of the Mozilla Firefox browser due to heap corruption

https://notcve.org/view.php?id=CVE-2022-4291

The aswjsflt.dll library from Avast Antivirus windows contained a potentially exploitable heap corruption vulnerability that could enable an attacker to bypass the sandbox of the application it was loaded into, if applicable. This issue was fixed in version 18.0.1478 of the Script Shield Component. La librería aswjsflt.dll de las ventanas de Avast Antivirus contenía una vulnerabilidad de corrupción de montón potencialmente explotable que podría permitir a un atacante omitir la sandbox de la aplicación en la que se cargó, si corresponde. Este problema se solucionó en la versión 18.0.1478 del componente Script Shield. • https://support.norton.com/sp/static/external/tools/security-advisories.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •