CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2018-18026
https://notcve.org/view.php?id=CVE-2018-18026
IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower versions) is vulnerable to a stack-based buffer overflow. The attacker can use DeviceIoControl to pass a user specified size which can be used to overwrite return addresses. This can lead to a denial of service or code execution attack. IMFCameraProtect.sys en IObit Malware Fighter 6.2 (y probablemente versiones anteriores) es vulnerable a un desbordamiento de búfer basado en pila. El atacante puede emplear DeviceIoControl para pasar un tamaño determinado por el usuario, que puede emplearse para sobrescribir direcciones de retorno. • https://github.com/DownWithUp/CVE-2018-18026 https://downwithup.github.io/CVEPosts.html https://exchange.xforce.ibmcloud.com/vulnerabilities/151849 • CWE-787: Out-of-bounds Write •