CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-0122
https://notcve.org/view.php?id=CVE-2013-0122
22 Apr 2013 — The avast! Mobile Security application before 2.0.4400 for Android allows attackers to cause a denial of service (application crash) via a crafted application that sends an intent to com.avast.android.mobilesecurity.app.scanner.DeleteFileActivity with zero arguments. La aplicación avast! Mobile Security anterior a v2.0.4400 para Android permite a atacantes provocar una denegación de servicio (bloqueo de la aplicación) mediante una aplicación especialmente diseñada que envía una intento a com.avast.android.m... • http://www.kb.cert.org/vuls/id/131263 • CWE-20: Improper Input Validation •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2010-5151
https://notcve.org/view.php?id=CVE-2010-5151
25 Aug 2012 — Race condition in avast! Internet Security 5.0.462 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has alread... • http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 5%CPEs: 1EXPL: 2CVE-2010-3126 – Avast! 5.0.594 - 'mfc90loc.dll' License Files DLL Hijacking
https://notcve.org/view.php?id=CVE-2010-3126
26 Aug 2010 — Untrusted search path vulnerability in avast! Free Antivirus version 5.0.594 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc90loc.dll that is located in the same folder as an avast license (.avastlic) file. Vulnerabilidad de búsqueda en ruta no confiable en avast! Free Antivirus v5.0.594 y anteriores, permite a usuarios locales y posiblemente atacantes remotos, la ejecución de código de su elección y llevar a c... • https://www.exploit-db.com/exploits/14743 •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 1CVE-2010-0705 – Avast! 4.7 - 'aavmker4.sys' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-0705
25 Feb 2010 — Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption. Aavmker4.sys en avast! desde v4.8 hasta v4.8.1368.0 y v5.0 anteriores a v5.0.418.0 corriendo sobre Windows 2000 o XP, no valida adecuadamente una entrada a IOCT... • https://www.exploit-db.com/exploits/12406 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 3CVE-2009-4049 – Avast! AntiVirus 4.8.1356 - 'aswRdr.sys' Driver Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-4049
23 Nov 2009 — Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted arguments to IOCTL 0x80002024. Desbordamiento de búfer basado en memoria dinámica (heap) en aswRdr.sys (también conocido como el controlador TDI RDR) en avast! Home y Professional v4.8.1356.0, permite a usuarios locales provocar una denegación de servicio (corrupción de memoria) o posiblemente ... • https://www.exploit-db.com/exploits/33360 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 3CVE-2009-3522 – Avast! 4.8.1351.0 AntiVirus - 'aswMon2.sys' Kernel Memory Corruption
https://notcve.org/view.php?id=CVE-2009-3522
01 Oct 2009 — Stack-based buffer overflow in aswMon2.sys in avast! Home and Professional for Windows 4.8.1351, and possibly other versions before 4.8.1356, allows local users to cause a denial of service (system crash) and possibly gain privileges via a crafted IOCTL request to IOCTL 0xb2c80018. Desbordamiento de búfer basado en pila en aswMon2.sys en avast! Home y Professional para Windows v4.8.1351, y probablemente otras versiones anteriores v4.8.1356, permite a usuarios locales causar una denegación de servicios (caíd... • https://www.exploit-db.com/exploits/10106 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 2CVE-2009-3523 – Avast! 4.7 - 'aavmker4.sys' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-3523
01 Oct 2009 — aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerability than CVE-2008-1625. aavmKer4.sys en avast! Home y Professional para Windows anterior v4.8.1356 no proporciona entradas validad en IOCTLs (1) 0xb2d6000c y (2) 0xb2d60034, que permite a usuarios locales obtener ... • https://www.exploit-db.com/exploits/12406 • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 29EXPL: 0CVE-2009-3524
https://notcve.org/view.php?id=CVE-2009-3524
01 Oct 2009 — Unspecified vulnerability in ashWsFtr.dll in avast! Home and Professional for Windows before 4.8.1356 has unknown impact and local attack vectors. Vulnerabilidad inesperada en ashWsFtr.dll en avast! Home y Professional para Windows anterior v4.8.1356 tiene un impacto y vectores de ataque no especificados. • http://osvdb.org/58403 •
CVSS: 9.8EPSS: 4%CPEs: 3EXPL: 0CVE-2008-6846
https://notcve.org/view.php?id=CVE-2008-6846
02 Jul 2009 — Multiple stack-based buffer overflows in avast! Linux Home Edition 1.0.5, 1.0.5-1, and 1.0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via a malformed (1) ISO or (2) RPM file. Múltiple desbordamiento de búfer basado en pila en avast! Linux Home Edition v1.0.5, v1.0.5-1, y v1.0.8 que permite a los atacantes remotos causar una denegación de servicio (caída de la aplicación) o ejecutar arbitrariamente código a través de ficheros malformados (1) ISO o (2) ... • http://osvdb.org/52016 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-5523
https://notcve.org/view.php?id=CVE-2008-5523
12 Dec 2008 — avast! antivirus 4.8.1281.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. avast! antivirus v4.8.1281.0, cuando se utiliza Internet Explorer 6 o 7, permite a atacantes remotos eludir la detección de malware en un docume... • http://securityreason.com/securityalert/4723 • CWE-20: Improper Input Validation •