CVE-2009-3080

Array index error in the gdthreadevent function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request...

Kaspersky Antivirus memory corruption

Memory corruption on IOCTL processing...

Avast! Antivirus memory corruption

Kernel memory corruption on IOCTL processing...

Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation

http://www.efblog.net/2009/11/avast-aswrdrsys-kernel-pool-corruption.html =============Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation================ Authors: Giuseppe 'Evilcry' Bonfa' AbdulAziz Hariri E-Mail: evilcry AT GMAIL DOT COM Website: http://evilcry.netsons.org...

Kaspersky Anti-Virus 2010 <= 9.0.0.463 pointer dereference vulnerability

/ Program : Kaspersky Anti-Virus 2010 9.0.0.463 Homepage : http://www.kaspersky.com Discovery : 2009/09/29 Author Contacted : 2009/10/01 Patch Updated : 2009/11/16 Found by : Heurs This Advisory : Heurs Contact : [email protected] //----- Application description The most trusted virus and...

avast! Professional Edition < 4.8.1356 Multiple Vulnerabilities

The remote Windows host is running avast! Professional Edition. The installed version of avast! Professional Edition is potentially affected by multiple issues : - A local privilege escalation vulnerability because the 'avast4.ini' file is created with insecure permissions on setup. CVE-2009-3524...

Null pointer dereference

The ATI Rage 128 aka r128 driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine CCE state initialization, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly gain privileges via unspecified ioctl...

CVE-2009-3522

Stack-based buffer overflow in aswMon2.sys in avast! Home and Professional for Windows 4.8.1351, and possibly other versions before 4.8.1356, allows local users to cause a denial of service system crash and possibly gain privileges via a crafted IOCTL request to IOCTL 0xb2c80018...

Memory corruption

aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs 1 0xb2d6000c and 2 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerabilit...

Stack overflow

Stack-based buffer overflow in aswMon2.sys in avast! Home and Professional for Windows 4.8.1351, and possibly other versions before 4.8.1356, allows local users to cause a denial of service system crash and possibly gain privileges via a crafted IOCTL request to IOCTL 0xb2c80018...

CVE-2009-3522

CVE-2009-3522 concerns a stack-based buffer overflow in the aswMon2.sys driver of Avast! for Windows (as used in Home/Professional up to 4.8.1355). The vulnerability occurs when processing a crafted IOCTL request (IOCTL 0xb2c80018), allowing local users to crash the system (denial of service) and...

Kaspersky AV 2010 9.0.0.463 Local DoS

No description provided by source. include stdio.h include windows.h include winioctl.h include stdlib.h include string.h / Program : Kaspersky Anti-Virus 2010 9.0.0.463 Homepage : http://www.kaspersky.com Discovery : 2009/09/29 Author Contacted : 2009/10/01 Found by : Heurs This Advisory : Heurs...

Avast Antivirus 4.8.1351.0 DoS and Privilege Escalation

No description provided by source. Source: https://www.evilfingers.com/advisory/Advisory/AvastaswMon2.syskernelmemorycorruptionandLocalPrivilegeEscalation.php -----------Avast aswMon2.sys kernel memory corruption and Local Privilege Escalation--------- Author: Giuseppe 'Evilcry' Bonfa' E-Mail:...

Avast Antivirus privilege esclalation

Memory corruption on IOCTL processing...

Avast Antivirus 4.8.1351.0 DoS and Privilege Escalation

Exploit for unknown platform in category local exploits ======================================================= Avast Antivirus 4.8.1351.0 DoS and Privilege Escalation ======================================================= Title: Avast Antivirus 4.8.1351.0 DoS and Privilege Escalation CVE-ID:...

Linux Kernel z90crypt驱动本地权限提升漏洞

CVE ID: CVE-2009-1883 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的z90crypt驱动中的z90cryptunlockedioctl函数没有对Z90QUIESCE操作执行权限检查，这可能允许拥有有效用户ID（euid）为0的本地用户绕过预期的功能限制，执行非授权操作。 Linux kernel 2.6.9 厂商补丁： RedHat ------ RedHat已经为此发布了一个安全公告（RHSA-2009:1438-01）以及相应补丁: RHSA-2009:1438-01：Important: kernel...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 21st July 2010 Added links to KBase articles expanding on three...

kernel: missing capability check in z90crypt

The z90cryptunlockedioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage...

Design/Logic Flaw

easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to cause a denial of service crash via a crafted IOCTL 0x222003 request to the \.\easdrv device interface...

CVE-2008-7107

easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to cause a denial of service crash via a crafted IOCTL 0x222003 request to the \.\easdrv device interface...