CVE-2009-4049
Avast! AntiVirus 4.8.1356 - 'aswRdr.sys' Driver Privilege Escalation
Severity Score
7.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted arguments to IOCTL 0x80002024.
Desbordamiento de búfer basado en memoria dinámica (heap) en aswRdr.sys (también conocido como el controlador TDI RDR) en avast! Home y Professional v4.8.1356.0, permite a usuarios locales provocar una denegación de servicio (corrupción de memoria) o posiblemente elevar sus privilegios a través de argumentos manipulados a IOCTL 0x80002024.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-11-16 First Exploit
- 2009-11-23 CVE Reserved
- 2009-11-23 CVE Published
- 2023-07-17 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://www.efblog.net/2009/11/avast-aswrdrsys-kernel-pool-corruption.html | X_refsource_misc | |
| http://www.securityfocus.com/archive/1/507891/100/0/threaded | Mailing List | |
| https://www.evilfingers.com/advisory/Advisory/Avast_aswRdr_sys_Kernel_Pool_Corruption_and_Local_Privilege_Escalation.php | X_refsource_misc |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/33360 | 2009-11-16 | |
| https://github.com/fengjixuchui/CVE-2009-4049 | 2022-07-10 | |
| http://www.securityfocus.com/bid/37031 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/37368 | 2018-10-10 | |
| http://www.vupen.com/english/advisories/2009/3266 | 2018-10-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Avast Search vendor "Avast" | Avast Antivirus Home Search vendor "Avast" for product "Avast Antivirus Home" | 4.8.1356.0 Search vendor "Avast" for product "Avast Antivirus Home" and version "4.8.1356.0" | - |
Affected
| ||||||
| Avast Search vendor "Avast" | Avast Antivirus Professional Search vendor "Avast" for product "Avast Antivirus Professional" | 4.8.1356.0 Search vendor "Avast" for product "Avast Antivirus Professional" and version "4.8.1356.0" | - |
Affected
| ||||||