- Description
- avg7core.sys 7.5.0.444 in Grisoft AVG Anti-Virus 7.5.448 and Free Edition 7.5.446, provides an internal function that copies data to an arbitrary address, which allows local users to gain privileges via arbitrary address arguments to a function provided by the 0x5348E004 IOCTL for the generic DeviceIoControl handler.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:grisoft:avg_antivirus:7.5.446:*:free:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2D8F5E6-2ADE-43DC-96F6-3D1EACE63937"
},
{
"criteria": "cpe:2.3:a:grisoft:avg_antivirus:7.5.448:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7588B278-D9D8-4BE5-AFEE-ED75991B00ED"
}
],
"operator": "OR"
}
]
}
]