Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistVulDBCVELIST:CVE-2023-1646
HistoryMar 26, 2023 - 10:31 p.m.

CVE-2023-1646 IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E004 stack-based overflow

2023-03-2622:31:03
CWE-121
VulDB
www.cve.org
4
iobit malware fighter
0x8018e004
stack-based overflow
imfcameraprotect.sys
ioctl handler
local attack
vdb-224026

CVSS2

4.3

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

CVSS3

5.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

AI Score

8

Confidence

High

EPSS

0

Percentile

5.1%

JSON

A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been declared as critical. This vulnerability affects the function 0x8018E000/0x8018E004 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224026 is the identifier assigned to this vulnerability.

CNA Affected

[
  {
    "vendor": "IObit",
    "product": "Malware Fighter",
    "versions": [
      {
        "version": "9.4.0.776",
        "status": "affected"
      }
    ],
    "modules": [
      "IOCTL Handler"
    ]
  }
]

Related

nvd 1
cve 1
prion 1
nvd
nvd
CVE-2023-1646
2023-03-26 23:15:07
cve
cve
CVE-2023-1646
2023-03-26 23:15:07
prion
prion
Stack overflow
2023-03-26 23:15:00

CVSS2

4.3

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

CVSS3

5.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

AI Score

8

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVELIST:CVE-2023-1646
nvd1cve1prion1