CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5275
https://notcve.org/view.php?id=CVE-2018-5275
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E020. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). ** EN DISPUTA ** En Malwarebytes Premium 3.3.1.2183, el archivo del controlador (FARFLT.SYS) permite que usuarios locales provoquen una denegación de... • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9C40E020 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5270
https://notcve.org/view.php?id=CVE-2018-5270
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e010. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). ** EN DISPUTA ** En Malwarebytes Premium 3.3.1.2183, el archivo del controlador (FARFLT.SYS) permite que usuarios locales provoquen una denegación de... • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e010 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5279
https://notcve.org/view.php?id=CVE-2018-5279
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e02c. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). ** EN DISPUTA ** En Malwarebytes Premium 3.3.1.2183, el archivo del controlador (FARFLT.SYS) permite que usuarios locales provoquen una denegación de... • http://www.securityfocus.com/bid/102453 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5277
https://notcve.org/view.php?id=CVE-2018-5277
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e000. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). ** EN DISPUTA ** En Malwarebytes Premium 3.3.1.2183, el archivo del controlador (FARFLT.SYS) permite que usuarios locales provoquen una denegación de... • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e000 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5274
https://notcve.org/view.php?id=CVE-2018-5274
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E024. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). ** EN DISPUTA ** En Malwarebytes Premium 3.3.1.2183, el archivo del controlador (FARFLT.SYS) permite que usuarios locales provoquen una denegación de... • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9C40E024 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5278
https://notcve.org/view.php?id=CVE-2018-5278
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e00c. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). ** EN DISPUTA ** En Malwarebytes Premium 3.3.1.2183, el archivo del controlador (FARFLT.SYS) permite que usuarios locales provoquen una denegación de... • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e00c • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2014-100039 – Malwarebytes Anti-Exploit 1.03.1.1220/1.04.1.1012 - Out-of-Bounds Read Denial of Service
https://notcve.org/view.php?id=CVE-2014-100039
13 Jan 2015 — mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of service (crash) via a crafted size in an unspecified IOCTL call, which triggers an out-of-bounds read. NOTE: some of these details are obtained from third party information. mbae.sys en Malwarebytes Anti-Exploit anterior a 1.05.1.2014 permite a usuarios locales causar una denegación de servicio (caída) a través de un tamaño manipulado en una llamada IOCTL no especificada, lo que provoca una lectura fuera de rang... • https://www.exploit-db.com/exploits/35842 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 4CVE-2014-4936 – Malwarebytes Anti-Malware < 2.0.3 / Anti-Exploit < 1.03.1.1220 - Update Code Execution
https://notcve.org/view.php?id=CVE-2014-4936
16 Dec 2014 — The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute arbitrary code by spoofing the update server and uploading an executable. La funcionalidad de actualización en el consumidor Malwarebytes Anti-Malware (MBAM) anterior a 2.0.3 y el consumidor Malwarebytes Anti-Exploit (MBAE) 1.04.1.1012 y anteriores permiten a atacantes man-in-the-middle ejecutar código arbitrari... • https://packetstorm.news/files/id/130244 • CWE-345: Insufficient Verification of Data Authenticity •