Vulnerability CVE-2008-6962


Published: 2009-08-13   Modified: 2017-08-16

Description:
Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer.

See advisories in our WLB2 database:
Topic
Author
Date
High
Avira Products Driver Local Kernel Pointer Overwrite Vulnerability
Sebastien Renaud
15.08.2009

Type:

CWE-20

(Improper Input Validation)

Vendor: Avira
Product: Antivir 
Version: 6.35.00.00;
Product: Antivir personal 
Product: Antivir professional 
Product: Antivir security suite 

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://www.securityfocus.com/bid/32269
http://www.vupen.com/english/advisories/2008/3130
http://www.vupen.com/english/VUPEN-Security-Advisory-20081112.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/46567

Related CVE
CVE-2016-10402
Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow.
CVE-2015-7732
The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext.
CVE-2017-6417
Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Internet Security Suite 15.0 (and earlier), and Free Security Suite 15.0 (and earlier) allows a local attacker to bypass a self-prot...
CVE-2015-7303
Use-after-free vulnerability in the Update Manager service in Avira Management Console allows remote attackers to execute arbitrary code via a large header.
CVE-2014-5576
The Avira Secure Backup (aka com.avira.avirabackup) application 1.2.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificat...
CVE-2010-5153
** DISPUTED ** Race condition in Avira Premium Security Suite 10.0.0.536 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based ...
CVE-2012-1459
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Clam...
CVE-2012-1457
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsi...

Copyright 2017, cxsecurity.com

 

Back to Top