ID |
CVE-2007-3777
|
Summary |
avg7core.sys 7.5.0.444 in Grisoft AVG Anti-Virus 7.5.448 and Free Edition 7.5.446, provides an internal function that copies data to an arbitrary address, which allows local users to gain privileges via arbitrary address arguments to a function provided by the 0x5348E004 IOCTL for the generic DeviceIoControl handler. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.2 (as of 15-10-2018 - 21:30) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
refmap
via4
|
bid | 24870 | bugtraq | 20070711 Advisory: Arbitrary kernel mode memory writes in AVG | osvdb | 37975 | sectrack | 1018362 | secunia | 25998 | sreason | 2887 | vupen | ADV-2007-2518 | xf | avg-avg7core-code-execution(35345) |
|
Last major update |
15-10-2018 - 21:30 |
Published |
15-07-2007 - 22:30 |
Last modified |
15-10-2018 - 21:30 |