CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-23727
https://notcve.org/view.php?id=CVE-2020-23727
There is a local denial of service vulnerability in the Antiy Zhijia Terminal Defense System 5.0.2.10121559 and an attacker can cause a computer crash (BSOD). Se presenta una vulnerabilidad local de denegación de servicio en Antiy Zhijia Terminal Defense System versión 5.0.2.10121559 y un atacante puede causar un bloqueo del ordenador (BSOD) • https://github.com/y5s5k5/CVE-2020-23727 https://github.com/y5s5k5/POCtemp3 https://www.antiy.com •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20331 – ATool 1.0.0.22 Buffer Overflow
https://notcve.org/view.php?id=CVE-2018-20331
Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002004 by the ssdt.sys kernel driver. The bug is caused by failure to properly validate the length of the user-supplied data. An attacker can leverage this vulnerability to execute arbitrary code in the context of the kernel, which could lead to privilege escalation. • https://packetstormsecurity.com/files/150900 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-19650
https://notcve.org/view.php?id=CVE-2018-19650
Local attackers can trigger a stack-based buffer overflow on vulnerable installations of Antiy-AVL ATool security management v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002000 by the IRPFile.sys Antiy-AVL ATool kernel driver. The bug is caused by failure to properly validate the length of the user-supplied data, which results in a kernel stack buffer overflow. An attacker can leverage this vulnerability to execute arbitrary code in the context of the kernel, which could lead to privilege escalation and a failed exploit could lead to denial of service. • http://packetstormsecurity.com/files/150549/ATool-1.0.0.22-Stack-Buffer-Overflow.html • CWE-787: Out-of-bounds Write •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1CVE-2017-10706
https://notcve.org/view.php?id=CVE-2017-10706
When Antiy Antivirus Engine before 5.0.0.05171547 scans a special ZIP archive, it crashes with a stack-based buffer overflow because a fixed path length is used. Cuando Antiy Antivirus Engine anterior a la versión 5.0.0.05171547, analiza un archivo ZIP especial, se bloquea con un desbordamiento de búfer en la región stack de la memoria porque se utiliza una longitud de ruta (path) fija. • http://www.lofter.com/lpost/1d52afc9_105e13e5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-10674
https://notcve.org/view.php?id=CVE-2017-10674
Antiy Antivirus Engine 5.0.0.06281654 allows local users to cause a denial of service (BSOD) via a long third argument in a DeviceIoControl call. Antiy Antivirus Engine 5.0.0.06281654 permite que usuarios locales provoquen una denegación de servicio (BSOD) mediante un tercer argumento largo en una llamada DeviceIoControl. • http://blog.csdn.net/wdone/article/details/73958872 • CWE-20: Improper Input Validation •