SUPERAntiSpyware Professional Trial Denial of Service Vulnerability (CNVD-2018-02916)

SUPERAntiSpyware Professional Trial is a suite of antivirus tools from US-based Support.com that are primarily designed to scan for spyware. A security vulnerability exists in the SASKUTIL.SYS driver file in SUPERAntiSpyware Professional Trial version 6.0.1254, which originates from the program's...

Input validation

In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file SASKUTIL.SYS allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402080...

CVE-2018-6475

In SUPERAntiSpyware Professional Trial 6.0.1254, SUPERAntiSpyware.exe allows DLL hijacking, leading to Escalation of Privileges...

CVE-2018-6474

CVE-2018-6474 affects SUPERAntiSpyware Professional Trial 6.0.1254 via the SASKUTIL.SYS driver. The vulnerability arises from not validating input values for IOCTL 0x9C402148, enabling local attackers to trigger a denial of service (BSOD) and potentially other impact. Affected component: SASKUTIL...

CVE-2018-6475

CVE-2018-6475 affects SUPERAntiSpyware Professional Trial 6.0.1254. The issue is a DLL hijacking vulnerability in SUPERAntiSpyware.exe that enables Elevation of Privileges. Root cause: DLL loading manipulation leads to privilege escalation. Impacted software is the SUPERAntiSpyware Professional T...

CVE-2018-6472

In SUPERAntiSpyware Professional Trial 6.0.1254, the SASKUTIL.SYS driver is vulnerable due to input validation failure on IOCTL 0x9C40204c, enabling local users to trigger a denial of service (BSOD) and potentially other impact. This is supported by multiple sources (NVD, Red Hat CVE entry, CNVD,...