If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
AVAST vulnerabilities
High Vulnerabilities
Vulnerability Summary for CVE-2009-3522 Original release date:10/01/2009 Last revised:10/02/2009 Source: US-CERT/NIST Overview Stack-based buffer overflow in aswMon2.sys in avast! Home and Professional for Windows 4.8.1351, and possibly other versions before 4.8.1356, allows local users to cause a denial of service (system crash) and possibly gain privileges via a crafted IOCTL request to IOCTL 0xb2c80018. http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-3522 Vulnerability Summary for CVE-2009-3524 Original release date:10/01/2009 Last revised:10/05/2009 Source: US-CERT/NIST Overview Unspecified vulnerability in ashWsFtr.dll in avast! Home and Professional for Windows before 4.8.1356 has unknown impact and local attack vectors. http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-3524 MEDIUM IMPACT: Vulnerability Summary for CVE-2009-3523 Original release date:10/01/2009 Last revised:10/05/2009 Source: US-CERT/NIST Overview aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerability than CVE-2008-1625. http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-3523 Additional vulnerabilities not specific to AVAST may be found he http://securitytracker.com/archives/...ingos/218.html -- MEB http://peoplescounsel.org/ref/windows-main.htm Windows Info, Diagnostics, Security, Networking http://peoplescounsel.org The "real world" of Law, Justice, and Government ___--- |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Flash 10 {and likely 9} and AIR 1.5.2 vulnerabilities | MEB[_17_] | General | 0 | December 10th 09 05:55 PM |
AVAST vulnerabilities | MEB[_18_] | General | 16 | October 20th 09 11:38 PM |
US CERT - SA08-193A Java Vulnerabilities | MEB[_2_] | General | 0 | July 12th 08 08:23 AM |
New IE vulnerabilities | Dan | General | 7 | May 3rd 06 06:17 PM |
unpatched Critical vulnerabilities in Win 98 98SE? | Dan | General | 0 | February 13th 05 04:02 PM |