EUVD-2008-1626

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Local users can gain privileges via flawed IOCTL validation in avast! Home and Professional 4.7.

Reporter	Title	Published	Views	Family All 12
0day.today	Avast! 4.7 aavmker4.sys privilege escalation	27 Apr 201000:00	–	zdt
Circl	CVE-2008-1625	27 Apr 201000:00	–	circl
CVE	CVE-2008-1625	2 Apr 200817:00	–	cve
Cvelist	CVE-2008-1625	2 Apr 200817:00	–	cvelist
Exploit DB	Avast! 4.7 - 'aavmker4.sys' Local Privilege Escalation	27 Apr 201000:00	–	exploitdb
exploitpack	Avast! 4.7 - aavmker4.sys Local Privilege Escalation	27 Apr 201000:00	–	exploitpack
exploitpack	Avast!-4.7-aavmker4.sys	7 Jan 201513:53	–	exploitpack
NVD	CVE-2008-1625	2 Apr 200817:44	–	nvd
Packet Storm	Avast! 4.7 Privilege Escalation	27 Apr 201000:00	–	packetstorm
Prion	Input validation	2 Apr 200817:44	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "2804c6f9-5361-36ae-9a63-36474291a3e4",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "cd4aec4c-218c-3f6d-a277-e8a570e3b727",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2008-1625
vupen	www.vupen.com/english/advisories/2008/1034/references
trapkit	www.trapkit.de/advisories/TKADV2008-002.txt
securityfocus	www.securityfocus.com/bid/28502
secunia	www.secunia.com/advisories/29605
securityfocus	www.securityfocus.com/archive/1/490321/100/0/threaded
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/41527
securitytracker	www.securitytracker.com/id
avast	www.avast.com/eng/avast-4-home_pro-revision-history.html
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 26.8

EPSS0.00084