CVE-2009-3523

2009-10-0117:00:00

CWE-20

[email protected]

web.nvd.nist.gov

avast

windows

cve

2009

3523

privilege escalation

vulnerability

6.3 Medium

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerability than CVE-2008-1625.

CPENameOperatorVersion
avast:avast_antivirus_professionalavast avast antivirus professionaleq4.8.1169
avast:avast_antivirus_homeavast avast antivirus homeeq4.7.1098
avast:avast_antivirus_professionalavast avast antivirus professionaleq4.7.827
avast:avast_antivirus_professionalavast avast antivirus professionaleq4.8.1201
avast:avast_antivirus_homeavast avast antivirus homeeq4.8.1229
avast:avast_antivirus_professionalavast avast antivirus professionaleq4.8.1229
avast:avast_antivirus_professionalavast avast antivirus professionaleq4.8.1296
avast:avast_antivirus_professionalavast avast antivirus professionaleq4.8.1335
avast:avast_antivirus_professionalavast avast antivirus professionaleq4.7.1043
avast:avast_antivirus_homeavast avast antivirus homeeq4.8.1335

CPE	Name	Operator	Version
avast:avast_antivirus_professional	avast avast antivirus professional	eq	4.8.1169
avast:avast_antivirus_home	avast avast antivirus home	eq	4.7.1098
avast:avast_antivirus_professional	avast avast antivirus professional	eq	4.7.827
avast:avast_antivirus_professional	avast avast antivirus professional	eq	4.8.1201
avast:avast_antivirus_home	avast avast antivirus home	eq	4.8.1229
avast:avast_antivirus_professional	avast avast antivirus professional	eq	4.8.1229
avast:avast_antivirus_professional	avast avast antivirus professional	eq	4.8.1296
avast:avast_antivirus_professional	avast avast antivirus professional	eq	4.8.1335
avast:avast_antivirus_professional	avast avast antivirus professional	eq	4.7.1043
avast:avast_antivirus_home	avast avast antivirus home	eq	4.8.1335