Lucene search

K

Kaspersky LabKLA10050

HistoryMay 22, 2009 - 12:00 a.m.

KLA10050 SB vulnerability in AVG

2009-05-2200:00:00

Kaspersky Lab

threats.kaspersky.com

11

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.3%

An unspecified vulnerability was found in AVG Anti-virus. By exploiting this vulnerability malicious users can bypass security restrictions. This vulnerability can be exploited at a point related to the AVG parsing engine via a specially designed RAR or ZIP archive.

Original advisories

vulnerability description

Related products

AVG-Anti-Virus-Free-Edition

CVE list

CVE-2009-1784 critical

Solution

Update to latest version

Impacts

SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

AVG Anti-virus versions 8.0.156 and earlier

References

www.cvedetails.com/cve/CVE-2009-1784/

statistics.securelist.com/

threats.kaspersky.com/en/product/AVG-Anti-Virus-Free-Edition/

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.3%

Related for KLA10050

openvas4 cve1 cvelist1 prion1 nvd1