Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-5075

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2010-5075
Last Modified 29 Dec 2014 11:14:53
Published 27 Dec 2014 08:59:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2010-5075

Summary

Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW.

Vulnerable Systems

Application

  • Avast%21 Internet Security 5.0


References

MISC - https://web.archive.org/web/20120228033302/http://www.x90c.org/advisories/avast_internet_security_5.0_memory_corruption_advisory.txt

MISC - http://x90c.blogspot.com/2011/12/bid-42148-my-avast-kernel-driver-0day_01.html

MISC - http://x90c.blogspot.com/2011/11/avast-internet-security-aswfwsys-ioctl.html

BID - 42148


Last Updated: 27 May 2016 11:07:22