Design/Logic Flaw

2015-12-1618:59:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.8%

JSON

AVG Internet Security 2015 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses when protecting user-mode processes, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.

CPENameOperatorVersion
internet_securityeq2015

CPE	Name	Operator	Version
	internet_security	eq	2015

References

blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations

breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/

breakingmalware.com/vulnerabilities/vulnerability-patching-learning-from-avg-on-doing-it-right/

www.securityfocus.com/bid/78813