Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2009-3523
HistoryOct 01, 2009 - 5:00 p.m.

CVE-2009-3523

2009-10-0117:00:00
CWE-20
mitre
web.nvd.nist.gov
33
avast
windows
cve
2009
3523
privilege escalation
vulnerability

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0

Percentile

5.1%

JSON

aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerability than CVE-2008-1625.

Affected configurations

Nvd
Node
avastavast_antivirus_homeRange4.8.1351windows
OR
avastavast_antivirus_homeMatch4.7.827windows
OR
avastavast_antivirus_homeMatch4.7.844windows
OR
avastavast_antivirus_homeMatch4.7.869windows
OR
avastavast_antivirus_homeMatch4.7.1043windows
OR
avastavast_antivirus_homeMatch4.7.1098windows
OR
avastavast_antivirus_homeMatch4.8.1169windows
OR
avastavast_antivirus_homeMatch4.8.1195windows
OR
avastavast_antivirus_homeMatch4.8.1201windows
OR
avastavast_antivirus_homeMatch4.8.1227windows
OR
avastavast_antivirus_homeMatch4.8.1229windows
OR
avastavast_antivirus_homeMatch4.8.1282windows
OR
avastavast_antivirus_homeMatch4.8.1290windows
OR
avastavast_antivirus_homeMatch4.8.1296windows
OR
avastavast_antivirus_homeMatch4.8.1335windows
OR
avastavast_antivirus_professionalRange4.8.1351windows
OR
avastavast_antivirus_professionalMatch4.7.827windows
OR
avastavast_antivirus_professionalMatch4.7.844windows
OR
avastavast_antivirus_professionalMatch4.7.1043windows
OR
avastavast_antivirus_professionalMatch4.7.1098windows
OR
avastavast_antivirus_professionalMatch4.8.1169windows
OR
avastavast_antivirus_professionalMatch4.8.1195windows
OR
avastavast_antivirus_professionalMatch4.8.1201windows
OR
avastavast_antivirus_professionalMatch4.8.1227windows
OR
avastavast_antivirus_professionalMatch4.8.1229windows
OR
avastavast_antivirus_professionalMatch4.8.1282windows
OR
avastavast_antivirus_professionalMatch4.8.1290windows
OR
avastavast_antivirus_professionalMatch4.8.1296windows
OR
avastavast_antivirus_professionalMatch4.8.1335windows
VendorProductVersionCPE
avastavast_antivirus_home*cpe:2.3:a:avast:avast_antivirus_home:*:*:windows:*:*:*:*:*
avastavast_antivirus_home4.7.827cpe:2.3:a:avast:avast_antivirus_home:4.7.827:*:windows:*:*:*:*:*
avastavast_antivirus_home4.7.844cpe:2.3:a:avast:avast_antivirus_home:4.7.844:*:windows:*:*:*:*:*
avastavast_antivirus_home4.7.869cpe:2.3:a:avast:avast_antivirus_home:4.7.869:*:windows:*:*:*:*:*
avastavast_antivirus_home4.7.1043cpe:2.3:a:avast:avast_antivirus_home:4.7.1043:*:windows:*:*:*:*:*
avastavast_antivirus_home4.7.1098cpe:2.3:a:avast:avast_antivirus_home:4.7.1098:*:windows:*:*:*:*:*
avastavast_antivirus_home4.8.1169cpe:2.3:a:avast:avast_antivirus_home:4.8.1169:*:windows:*:*:*:*:*
avastavast_antivirus_home4.8.1195cpe:2.3:a:avast:avast_antivirus_home:4.8.1195:*:windows:*:*:*:*:*
avastavast_antivirus_home4.8.1201cpe:2.3:a:avast:avast_antivirus_home:4.8.1201:*:windows:*:*:*:*:*
avastavast_antivirus_home4.8.1227cpe:2.3:a:avast:avast_antivirus_home:4.8.1227:*:windows:*:*:*:*:*
Rows per page:
1-10 of 291

Related

prion 2
cvelist 2
nvd 2
seebug 2
exploitdb 1
openvas 2
nessus 1
packetstorm 1
exploitpack 1
zdt 1
cve 1
prion
prion
Memory corruption
2009-10-01 17:00:00
Input validation
2008-04-02 17:44:00
cvelist
cvelist
CVE-2009-3523
2009-10-01 16:00:00
CVE-2008-1625
2008-04-02 17:00:00
nvd
nvd
CVE-2009-3523
2009-10-01 17:00:00
CVE-2008-1625
2008-04-02 17:44:00
seebug
seebug
Avast! Antivirus aavmKer4.sys驱动本地权限提升漏洞
2009-11-05 00:00:00
avast! 4.7 aavmker4.sys privilege escalation
2010-04-28 00:00:00
exploitdb
exploitdb
Avast! 4.7 - 'aavmker4.sys' Local Privilege Escalation
2010-04-27 00:00:00
openvas
openvas
avast! Multiple Vulnerabilities (Oct 2009) - Windows
2009-10-08 00:00:00
avast! Multiple Vulnerabilities - Oct09 (Windows)
2009-10-08 00:00:00
nessus
nessus
avast! Professional Edition < 4.8.1356 Multiple Vulnerabilities
2009-10-27 00:00:00
packetstorm
packetstorm
Avast! 4.7 Privilege Escalation
2010-04-27 00:00:00
exploitpack
exploitpack
Avast! 4.7 - aavmker4.sys Local Privilege Escalation
2010-04-27 00:00:00
zdt
zdt
Avast! 4.7 aavmker4.sys privilege escalation
2010-04-27 00:00:00
cve
cve
CVE-2008-1625
2008-04-02 17:44:00

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2009-3523
prion2cvelist2nvd2seebug2exploitdb1openvas2nessus1packetstorm1exploitpack1zdt1cve1