Published: 23/11/2009 Updated: 10/10/2018

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 725

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted arguments to IOCTL 0x80002024.

Vulnerable Product	Search on Vulmon	Subscribe to Product
avast avast antivirus home 4.8.1356.0
avast avast antivirus professional 4.8.1356.0

source: wwwsecurityfocuscom/bid/37031/info Avast! Antivirus is prone to a local privilege-escalation vulnerability Local attackers can exploit this issue to execute arbitrary code with superuser privileges and completely compromise the affected computer Failed exploit attempts will result in a denial-of-service condition Avast! Antiv ...

CWE-119 http://secunia.com/advisories/37368 http://www.efblog.net/2009/11/avast-aswrdrsys-kernel-pool-corruption.html https://www.evilfingers.com/advisory/Advisory/Avast_aswRdr_sys_Kernel_Pool_Corruption_and_Local_Privilege_Escalation.php http://www.securityfocus.com/bid/37031 http://www.vupen.com/english/advisories/2009/3266 http://www.securityfocus.com/archive/1/507891/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/33360/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-4049

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect