3 matches found
Design/Logic Flaw
In Avast Antivirus before v17, using the LPC interface API exposed by the AvastSVC.exe Windows service, it is possible to launch predefined binaries, or replace or delete arbitrary files. This vulnerability is exploitable by any unprivileged user when Avast Self-Defense is disabled. It is also...
CVE-2017-8308
In Avast Antivirus before v17, an unprivileged user and thus malware or a virus can mark an arbitrary process as Trusted from the perspective of the Avast product. This bypasses the Self-Defense feature of the product, opening a door to subsequent attack on many of its components...
CVE-2017-8308
CVE-2017-8308 affects Avast Antivirus before v17. An unprivileged user can mark an arbitrary process as Trusted from Avast’s perspective, bypassing Self-Defense and enabling potential further compromise of Avast components. Primary impact reported is a bypass of Self-Defense; exploitation status ...