CVE-2008-1625

EUVD-2008-1626
aavmker4.sys in avast! Home and Professional 4.7 for Windows does not properly validate input to IOCTL 0xb2d60030, which allows local users to gain privileges via certain IOCTL requests.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:S/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
Affected Products (NVD)
VendorProductVersion
avastavast_antivirus_home
4.7.827
avastavast_antivirus_home
4.7.844
avastavast_antivirus_home
4.7.869
avastavast_antivirus_home
4.7.1043
avastavast_antivirus_home
4.7.1098
avastavast_antivirus_professional
4.7.827
avastavast_antivirus_professional
4.7.844
avastavast_antivirus_professional
4.7.1043
avastavast_antivirus_professional
4.7.1098
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/29605
http://www.avast.com/eng/avast-4-home_pro-revision-history.html
http://www.securityfocus.com/archive/1/490321/100/0/threaded
http://www.securityfocus.com/bid/28502
http://www.securitytracker.com/id?1019732
http://www.trapkit.de/advisories/TKADV2008-002.txt
http://www.vupen.com/english/advisories/2008/1034/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41527
http://secunia.com/advisories/29605
http://www.avast.com/eng/avast-4-home_pro-revision-history.html
http://www.securityfocus.com/archive/1/490321/100/0/threaded
http://www.securityfocus.com/bid/28502
http://www.securitytracker.com/id?1019732
http://www.trapkit.de/advisories/TKADV2008-002.txt
http://www.vupen.com/english/advisories/2008/1034/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41527