Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-02-25T18:03:00

Updated: 2024-08-07T00:59:38.335Z

Reserved: 2010-02-25T00:00:00

Link: CVE-2010-0705

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2010-02-25T18:30:00.377

Modified: 2018-10-10T19:53:24.980

Link: CVE-2010-0705

cve-icon Redhat

No data.