CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6260 – Malwarebytes Antimalware Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-6260
05 Sep 2024 — Malwarebytes Antimalware Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Malwarebytes Antimalware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Malwarebytes service. By creating a symbolic link, an attacker can abuse the service to delete a file. • https://www.malwarebytes.com/secure/cves • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 2CVE-2019-7651
https://notcve.org/view.php?id=CVE-2019-7651
08 Feb 2019 — EPP.sys in Emsisoft Anti-Malware prior to version 2018.12 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories "inside" the \\.\EPP device are not properly protected, leading to unintended impersonation or object creation. This vulnerability has been fixed in version 2018.12 and later. EPP.sys en Emsisoft Anti-Malware, en versiones anteriores a la 2018.12, permite a los atacantes omitir las ACL debido a que las caracte... • https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6625
https://notcve.org/view.php?id=CVE-2018-6625
05 Feb 2018 — In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002010. En WatchDog Anti-Malware 2.74.186.150, el archivo del controlador (ZAMGUARD32.SYS) permite que usuarios locales provoquen una denegación de servicio (BSOD) o que, posiblemente, tengan otro impacto sin especificar debido a que no valida los valores de entrada desde IOCtl 0x80002010... • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/WatchDog_AntiMalware_POC/tree/master/0x80002010 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6627
https://notcve.org/view.php?id=CVE-2018-6627
05 Feb 2018 — In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002054. En WatchDog Anti-Malware 2.74.186.150, el archivo del controlador (ZAMGUARD32.SYS) permite que usuarios locales provoquen una denegación de servicio (BSOD) o que, posiblemente, tengan otro impacto sin especificar debido a que no valida los valores de entrada desde IOCtl 0x80002054... • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/WatchDog_AntiMalware_POC/tree/master/0x80002054 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5713
https://notcve.org/view.php?id=CVE-2018-5713
16 Jan 2018 — In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002010. En Malwarefox Anti-Malware 2.72.169, el archivo del controlador (zam64.sys) permite que usuarios locales provoquen una denegación de servicio (BSOD) o que, posiblemente, tengan otro impacto sin especificar debido a que no valida los valores de entrada desde IOCtl 0x80002010. • https://github.com/whiteHat001/DRIVER_POC/tree/master/malwarefox/0x80002010 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5714
https://notcve.org/view.php?id=CVE-2018-5714
16 Jan 2018 — In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002054. En Malwarefox Anti-Malware 2.72.169, el archivo del controlador (zam64.sys) permite que usuarios locales provoquen una denegación de servicio (BSOD) o que, posiblemente, tengan otro impacto sin especificar frbido a que no valida los valores de entrada desde IOCtl 0x80002054. • https://github.com/whiteHat001/DRIVER_POC/tree/master/malwarefox/0x80002054 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 9%CPEs: 2EXPL: 3CVE-2017-15920 – Watchdog Development Anti-Malware / Online Security Pro - NULL Pointer Dereference
https://notcve.org/view.php?id=CVE-2017-15920
27 Oct 2017 — In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002054. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. En Watchdog Anti-Malware 2.74.186.150 y Online Security Pro 2.74.186.150, el controlador zam32.sys contiene una vulnerabilidad de desreferencia de puntero NULL que se desencadena al enviar una op... • https://packetstorm.news/files/id/144786 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 9%CPEs: 2EXPL: 3CVE-2017-15921 – Watchdog Development Anti-Malware / Online Security Pro - NULL Pointer Dereference
https://notcve.org/view.php?id=CVE-2017-15921
27 Oct 2017 — In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002010. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated. En Watchdog Anti-Malware 2.74.186.150 y Online Security Pro 2.74.186.150, el controlador zam32.sys contiene una vulnerabilidad de desreferencia de puntero NULL que se desencadena al enviar una op... • https://packetstorm.news/files/id/144786 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 4%CPEs: 11EXPL: 0CVE-2012-1423
https://notcve.org/view.php?id=CVE-2012-1423
21 Mar 2012 — The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, K7 AntiVirus 9.77.3565, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CV... • http://osvdb.org/80393 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 60%CPEs: 16EXPL: 0CVE-2012-1425
https://notcve.org/view.php?id=CVE-2012-1425
21 Mar 2012 — The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, AVEngine 20101.3.0.103 in Symantec Endpoint Prote... • http://osvdb.org/80389 • CWE-264: Permissions, Privileges, and Access Controls •