CVE-2007-3777
Severity Score
7.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
avg7core.sys 7.5.0.444 in Grisoft AVG Anti-Virus 7.5.448 and Free Edition 7.5.446, provides an internal function that copies data to an arbitrary address, which allows local users to gain privileges via arbitrary address arguments to a function provided by the 0x5348E004 IOCTL for the generic DeviceIoControl handler.
avg7core.sys 7.5.0.444 en Grisoft AVG Anti-Virus 7.5.448 y Free Edition 7.5.446, proporciona una función interna que copia datos a una direción arbitraria, lo cual permite a usuarios locales obtener privilegios mediante argumentos de dirección arbitrarios para una función proporcionada por la llamada IOCTL 0x5348E004 al manejador DeviceIoControl.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-07-15 CVE Reserved
- 2007-07-15 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/37975 | Vdb Entry | |
| http://securityreason.com/securityalert/2887 | Third Party Advisory | |
| http://securitytracker.com/id?1018362 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/473360/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/24870 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/2518 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35345 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/25998 | 2018-10-15 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Grisoft Search vendor "Grisoft" | Avg Antivirus Search vendor "Grisoft" for product "Avg Antivirus" | 7.5.446 Search vendor "Grisoft" for product "Avg Antivirus" and version "7.5.446" | free |
Affected
| ||||||
| Grisoft Search vendor "Grisoft" | Avg Antivirus Search vendor "Grisoft" for product "Avg Antivirus" | 7.5.448 Search vendor "Grisoft" for product "Avg Antivirus" and version "7.5.448" | - |
Affected
| ||||||