Copyright (C) 2018 Greenbone AGOPENVAS:1361412562310113077Malwarebytes 3.3.1.2183 Multiple DoS Vulnerabilities
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
6.1 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:P/I:P/A:C
0.0004 Low
EPSS
Percentile
5.3%
These CVE
# SPDX-FileCopyrightText: 2018 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if( description )
{
script_oid("1.3.6.1.4.1.25623.1.0.113077");
script_version("2023-06-27T05:05:30+0000");
script_tag(name:"last_modification", value:"2023-06-27 05:05:30 +0000 (Tue, 27 Jun 2023)");
script_tag(name:"creation_date", value:"2018-01-09 14:16:17 +0100 (Tue, 09 Jan 2018)");
script_tag(name:"cvss_base", value:"6.1");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:P/I:P/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2019-03-13 15:15:00 +0000 (Wed, 13 Mar 2019)");
script_tag(name:"qod_type", value:"registry");
script_tag(name:"solution_type", value:"WillNotFix");
script_cve_id("CVE-2018-5270", "CVE-2018-5271", "CVE-2018-5272", "CVE-2018-5273", "CVE-2018-5274",
"CVE-2018-5275", "CVE-2018-5276", "CVE-2018-5277", "CVE-2018-5278", "CVE-2018-5279");
script_name("Malwarebytes 3.3.1.2183 Multiple DoS Vulnerabilities");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2018 Greenbone AG");
script_family("Denial of Service");
script_tag(name:"summary", value:"These CVE's have been disputed from the vendor.
Multiple Denial of Service vulnerabilities exist in Malwarebytes version 3.3.1.2183");
script_tag(name:"vuldetect", value:"The script checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"Multiple IOCtl's lack input validation, allowing local users to cause Denial
of Service through a BSOD.");
script_tag(name:"impact", value:"Successful exploitation would allow an attacker to cause a Denial of Service,
rendering the host inaccessible.");
script_tag(name:"affected", value:"Malwarebytes 3.3.1.2183 and before");
script_tag(name:"solution", value:"No known solution was made available for at least one year since the disclosure
of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.");
script_xref(name:"URL", value:"https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC");
script_tag(name:"deprecated", value:TRUE);
exit(0);
}
exit(66);
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
6.1 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:P/I:P/A:C
0.0004 Low
EPSS
Percentile
5.3%