← back
CVE-2010-0705

CVE-2010-0705

EPSS 0.9%
Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://forum.avast.com/index.php?topic=55484.0http://osvdb.org/62510http://secunia.com/advisories/38677http://secunia.com/advisories/38689http://www.securityfocus.com/archive/1/509710/100/0/threadedhttp://www.securityfocus.com/bid/38363http://www.securitytracker.com/id?1023644http://www.trapkit.de/advisories/TKADV2010-003.txthttp://www.vupen.com/english/advisories/2010/0449