{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2023-1492", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been declared as problematic. This vulnerability affects the function 0x220019 in the library MaxProc64.sys of the component IoControlCode Handler. The manipulation of the argument SystemBuffer leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-223378 is the identifier assigned to this vulnerability." }, { "lang": "deu", "value": "In Max Secure Anti Virus Plus 19.0.2.1 wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Dabei geht es um die Funktion 0x220019 in der Bibliothek MaxProc64.sys der Komponente IoControlCode Handler. Dank Manipulation des Arguments SystemBuffer mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-404 Denial of Service", "cweId": "CWE-404" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "Max Secure", "product": { "product_data": [ { "product_name": "Anti Virus Plus", "version": { "version_data": [ { "version_affected": "=", "version_value": "19.0.2.1" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://vuldb.com/?id.223378", "refsource": "MISC", "name": "https://vuldb.com/?id.223378" }, { "url": "https://vuldb.com/?ctiid.223378", "refsource": "MISC", "name": "https://vuldb.com/?ctiid.223378" }, { "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1492", "refsource": "MISC", "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1492" }, { "url": "https://drive.google.com/file/d/1G_Szy4kCrZU-whGbVcxpdE1yKf5Vxqq3/view", "refsource": "MISC", "name": "https://drive.google.com/file/d/1G_Szy4kCrZU-whGbVcxpdE1yKf5Vxqq3/view" } ] }, "credits": [ { "lang": "en", "value": "Zeze7w (VulDB User)" } ], "impact": { "cvss": [ { "version": "3.1", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseSeverity": "MEDIUM" }, { "version": "3.0", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseSeverity": "MEDIUM" }, { "version": "2.0", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C" } ] } }