cve/CVE-2009-3523.md at 694ac234a19db48cd3b1f78eb5f461ab1f6c99f7

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerability than CVE-2008-1625.

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/BLACKHAT-SSG/EXP-401-OSEE
https://github.com/PwnAwan/EXP-401-OSEE

860 B Raw Blame History

CVE-2009-3523

Description

POC

Reference

Github

860 B

Raw Blame History