CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 1CVE-2010-0705 – Avast! 4.7 - 'aavmker4.sys' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-0705
25 Feb 2010 — Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption. Aavmker4.sys en avast! desde v4.8 hasta v4.8.1368.0 y v5.0 anteriores a v5.0.418.0 corriendo sobre Windows 2000 o XP, no valida adecuadamente una entrada a IOCT... • https://www.exploit-db.com/exploits/12406 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 2CVE-2009-3523 – Avast! 4.7 - 'aavmker4.sys' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-3523
01 Oct 2009 — aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerability than CVE-2008-1625. aavmKer4.sys en avast! Home y Professional para Windows anterior v4.8.1356 no proporciona entradas validad en IOCTLs (1) 0xb2d6000c y (2) 0xb2d60034, que permite a usuarios locales obtener ... • https://www.exploit-db.com/exploits/12406 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 3CVE-2009-3522 – Avast! 4.8.1351.0 AntiVirus - 'aswMon2.sys' Kernel Memory Corruption
https://notcve.org/view.php?id=CVE-2009-3522
01 Oct 2009 — Stack-based buffer overflow in aswMon2.sys in avast! Home and Professional for Windows 4.8.1351, and possibly other versions before 4.8.1356, allows local users to cause a denial of service (system crash) and possibly gain privileges via a crafted IOCTL request to IOCTL 0xb2c80018. Desbordamiento de búfer basado en pila en aswMon2.sys en avast! Home y Professional para Windows v4.8.1351, y probablemente otras versiones anteriores v4.8.1356, permite a usuarios locales causar una denegación de servicios (caíd... • https://www.exploit-db.com/exploits/10106 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 0%CPEs: 29EXPL: 0CVE-2009-3524
https://notcve.org/view.php?id=CVE-2009-3524
01 Oct 2009 — Unspecified vulnerability in ashWsFtr.dll in avast! Home and Professional for Windows before 4.8.1356 has unknown impact and local attack vectors. Vulnerabilidad inesperada en ashWsFtr.dll en avast! Home y Professional para Windows anterior v4.8.1356 tiene un impacto y vectores de ataque no especificados. • http://osvdb.org/58403 •