Vulnonym.org

CVE-2008-1625 - Agonistical Procedure

Description

aavmker4.sys in avast! Home and Professional 4.7 for Windows does not properly validate input to IOCTL 0xb2d60030 which allows local users to gain privileges via certain IOCTL requests.

Reference

http://www.trapkit.de/advisories/TKADV2008-002.txt http://www.avast.com/eng/avast-4-home_pro-revision-history.html http://www.securityfocus.com/bid/28502 http://secunia.com/advisories/29605 http://www.securitytracker.com/id?1019732 http://www.vupen.com/english/advisories/2008/1034/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41527 http://www.securityfocus.com/archive/1/490321/100/0/threaded