Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2010-0705
HistoryFeb 25, 2010 - 6:30 p.m.

CVE-2010-0705

2010-02-2518:30:00
CWE-20
mitre
web.nvd.nist.gov
30
avast
aavmker4.sys
ioctl
local privilege escalation
cve-2010-0705
memory corruption

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0

Percentile

5.1%

JSON

Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption.

Affected configurations

Nvd
Node
avastavast_antivirus_homeRange5.0.396.0windows
OR
avastavast_antivirus_homeMatch4.8.1169windows
OR
avastavast_antivirus_homeMatch4.8.1195windows
OR
avastavast_antivirus_homeMatch4.8.1201windows
OR
avastavast_antivirus_homeMatch4.8.1227windows
OR
avastavast_antivirus_homeMatch4.8.1229windows
OR
avastavast_antivirus_homeMatch4.8.1282windows
OR
avastavast_antivirus_homeMatch4.8.1290windows
OR
avastavast_antivirus_homeMatch4.8.1296windows
OR
avastavast_antivirus_homeMatch4.8.1335windows
OR
avastavast_antivirus_homeMatch4.8.1351windows
OR
avastavast_antivirus_homeMatch4.8.1368.0windows
OR
avastavast_antivirus_professionalRange5.0.396.0windows
OR
avastavast_antivirus_professionalMatch4.8.1169windows
OR
avastavast_antivirus_professionalMatch4.8.1195windows
OR
avastavast_antivirus_professionalMatch4.8.1201windows
OR
avastavast_antivirus_professionalMatch4.8.1227windows
OR
avastavast_antivirus_professionalMatch4.8.1229windows
OR
avastavast_antivirus_professionalMatch4.8.1282windows
OR
avastavast_antivirus_professionalMatch4.8.1290windows
OR
avastavast_antivirus_professionalMatch4.8.1296windows
OR
avastavast_antivirus_professionalMatch4.8.1335windows
OR
avastavast_antivirus_professionalMatch4.8.1351windows
OR
avastavast_antivirus_professionalMatch4.8.1356.0
OR
avastavast_antivirus_professionalMatch4.8.1368.0windows
AND
microsoftwindows_2000
OR
microsoftwindows_xp
VendorProductVersionCPE
avastavast_antivirus_home*cpe:2.3:a:avast:avast_antivirus_home:*:*:windows:*:*:*:*:*
avastavast_antivirus_home4.8.1169cpe:2.3:a:avast:avast_antivirus_home:4.8.1169:*:windows:*:*:*:*:*
avastavast_antivirus_home4.8.1195cpe:2.3:a:avast:avast_antivirus_home:4.8.1195:*:windows:*:*:*:*:*
avastavast_antivirus_home4.8.1201cpe:2.3:a:avast:avast_antivirus_home:4.8.1201:*:windows:*:*:*:*:*
avastavast_antivirus_home4.8.1227cpe:2.3:a:avast:avast_antivirus_home:4.8.1227:*:windows:*:*:*:*:*
avastavast_antivirus_home4.8.1229cpe:2.3:a:avast:avast_antivirus_home:4.8.1229:*:windows:*:*:*:*:*
avastavast_antivirus_home4.8.1282cpe:2.3:a:avast:avast_antivirus_home:4.8.1282:*:windows:*:*:*:*:*
avastavast_antivirus_home4.8.1290cpe:2.3:a:avast:avast_antivirus_home:4.8.1290:*:windows:*:*:*:*:*
avastavast_antivirus_home4.8.1296cpe:2.3:a:avast:avast_antivirus_home:4.8.1296:*:windows:*:*:*:*:*
avastavast_antivirus_home4.8.1335cpe:2.3:a:avast:avast_antivirus_home:4.8.1335:*:windows:*:*:*:*:*
Rows per page:
1-10 of 271

Related

nvd 1
prion 1
nessus 1
kaspersky 1
openvas 2
cvelist 1
exploitdb 1
nvd
nvd
CVE-2010-0705
2010-02-25 18:30:00
prion
prion
Memory corruption
2010-02-25 18:30:00
nessus
nessus
avast! Professional Edition < 5.0.418 Local Privilege Escalation
2010-02-23 00:00:00
kaspersky
kaspersky
KLA10414 ACe vulnerability in Avast! Antivirus
2010-02-25 00:00:00
openvas
openvas
Aast! Antivirus 'aavmker4.sys' Denial Of Service Vulnerability (Windows)
2010-03-02 00:00:00
Avast Antivirus 'aavmker4.sys' Denial Of Service Vulnerability - Windows
2010-03-02 00:00:00
cvelist
cvelist
CVE-2010-0705
2010-02-25 18:03:00
exploitdb
exploitdb
Avast! 4.7 - &#039;aavmker4.sys&#039; Local Privilege Escalation
2010-04-27 00:00:00

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2010-0705
nvd1prion1nessus1kaspersky1openvas2cvelist1exploitdb1