CVE-2018-15735

EUVD-2018-7604
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206F.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
stopzillaantimalware
6.5.2.59
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.greyhathacker.net
https://www.greyhathacker.net/?p=1025
https://www.greyhathacker.net
https://www.greyhathacker.net/?p=1025