Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2009-3523

Published

13 years ago

Last Modified

6 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerability than CVE-2008-1625..

CVSSv2.0 Score

Severity: Medium
Base Score: 6.9/10
Exploit Score: 3.4/10
Access Vector: Local
Access Complexity: Medium
Authentication Required: None
Impact Score: 10/10
Confidentiality Impact: Complete
Availability Impact: Complete
Integrity Impact: Complete

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:avast:avast_antivirus_professional:4.8.1169:*:wind	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.7.1098::windows::*:	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_professional:4.7.827:*:windo	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_professional:4.8.1201:*:wind	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.8.1229::windows::*:	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_professional:4.8.1229:*:wind	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_professional:4.8.1296:*:wind	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_professional:4.8.1335:*:wind	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_professional:4.7.1043:*:wind	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.8.1335::windows::*:	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_professional:4.8.1195:*:wind	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:::windows:::::*	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.8.1201::windows::*:	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.8.1282::windows::*:	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_professional:4.8.1282:*:wind	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.8.1296::windows::*:	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_professional:::windows::	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_professional:4.8.1290:*:wind	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_professional:4.8.1227:*:wind	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_professional:4.7.844:*:windo	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.8.1169::windows::*:	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.8.1227::windows::*:	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.7.869::windows:::	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.7.1043::windows::*:	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_professional:4.7.1098:*:wind	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.7.844::windows:::	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.7.827::windows:::	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.8.1290::windows::*:	Yes	-	-
cpe:2.3:a:avast:avast_antivirus_home:4.8.1195::windows::*:	Yes	-	-

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2009-3523

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

CVSSv2.0 Score

Products Affected

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2009-3523

CVE information

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

Products Affected

References