Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-3523
HistoryOct 01, 2009 - 5:00 p.m.

CVE-2009-3523

2009-10-0117:00:00
CWE-20
[email protected]
web.nvd.nist.gov

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerability than CVE-2008-1625.

Affected configurations

NVD
Node
avastavast_antivirus_homeRange4.8.1351windows
OR
avastavast_antivirus_homeMatch4.7.827windows
OR
avastavast_antivirus_homeMatch4.7.844windows
OR
avastavast_antivirus_homeMatch4.7.869windows
OR
avastavast_antivirus_homeMatch4.7.1043windows
OR
avastavast_antivirus_homeMatch4.7.1098windows
OR
avastavast_antivirus_homeMatch4.8.1169windows
OR
avastavast_antivirus_homeMatch4.8.1195windows
OR
avastavast_antivirus_homeMatch4.8.1201windows
OR
avastavast_antivirus_homeMatch4.8.1227windows
OR
avastavast_antivirus_homeMatch4.8.1229windows
OR
avastavast_antivirus_homeMatch4.8.1282windows
OR
avastavast_antivirus_homeMatch4.8.1290windows
OR
avastavast_antivirus_homeMatch4.8.1296windows
OR
avastavast_antivirus_homeMatch4.8.1335windows
OR
avastavast_antivirus_professionalRange4.8.1351windows
OR
avastavast_antivirus_professionalMatch4.7.827windows
OR
avastavast_antivirus_professionalMatch4.7.844windows
OR
avastavast_antivirus_professionalMatch4.7.1043windows
OR
avastavast_antivirus_professionalMatch4.7.1098windows
OR
avastavast_antivirus_professionalMatch4.8.1169windows
OR
avastavast_antivirus_professionalMatch4.8.1195windows
OR
avastavast_antivirus_professionalMatch4.8.1201windows
OR
avastavast_antivirus_professionalMatch4.8.1227windows
OR
avastavast_antivirus_professionalMatch4.8.1229windows
OR
avastavast_antivirus_professionalMatch4.8.1282windows
OR
avastavast_antivirus_professionalMatch4.8.1290windows
OR
avastavast_antivirus_professionalMatch4.8.1296windows
OR
avastavast_antivirus_professionalMatch4.8.1335windows

Related

cvelist 2
cve 2
prion 2
seebug 2
exploitpack 1
packetstorm 1
nvd 1
openvas 2
nessus 1
exploitdb 1
cvelist
cvelist
CVE-2009-3523
2009-10-01 16:00:00
CVE-2008-1625
2008-04-02 17:00:00
cve
cve
CVE-2009-3523
2009-10-01 17:00:00
CVE-2008-1625
2008-04-02 17:44:00
prion
prion
Memory corruption
2009-10-01 17:00:00
Input validation
2008-04-02 17:44:00
seebug
seebug
Avast! Antivirus aavmKer4.sys驱动本地权限提升漏洞
2009-11-05 00:00:00
avast! 4.7 aavmker4.sys privilege escalation
2010-04-28 00:00:00
exploitpack
exploitpack
Avast! 4.7 - aavmker4.sys Local Privilege Escalation
2010-04-27 00:00:00
packetstorm
packetstorm
Avast! 4.7 Privilege Escalation
2010-04-27 00:00:00
nvd
nvd
CVE-2008-1625
2008-04-02 17:44:00
openvas
openvas
avast! Multiple Vulnerabilities - Oct09 (Windows)
2009-10-08 00:00:00
avast! Multiple Vulnerabilities (Oct 2009) - Windows
2009-10-08 00:00:00
nessus
nessus
avast! Professional Edition < 4.8.1356 Multiple Vulnerabilities
2009-10-27 00:00:00
exploitdb
exploitdb
Avast! 4.7 - &#039;aavmker4.sys&#039; Local Privilege Escalation
2010-04-27 00:00:00

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for NVD:CVE-2009-3523
cvelist2cve2prion2seebug2exploitpack1packetstorm1nvd1openvas2nessus1exploitdb1