7.7 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.2%
Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption.
forum.avast.com/index.php?topic=55484.0
osvdb.org/62510
secunia.com/advisories/38677
secunia.com/advisories/38689
www.securityfocus.com/archive/1/509710/100/0/threaded
www.securityfocus.com/bid/38363
www.securitytracker.com/id?1023644
www.trapkit.de/advisories/TKADV2010-003.txt
www.vupen.com/english/advisories/2010/0449