CVE-2024-7235
AVG AntiVirus Free Link Following Denial-of-Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
AVG AntiVirus Free Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to create a folder. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
. Was ZDI-CAN-22803.
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the AVG Service. By creating a symbolic link, an attacker can abuse the service to create a folder. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-07-29 CVE Reserved
- 2024-07-29 CVE Published
- 2024-11-23 CVE Updated
- 2024-11-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-59: Improper Link Resolution Before File Access ('Link Following')
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-1006 | X_research Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
AVG Search vendor "AVG" | AntiVirus Free Search vendor "AVG" for product "AntiVirus Free" | 23.11.8635.809 Search vendor "AVG" for product "AntiVirus Free" and version "23.11.8635.809" | en |
Affected
|