FKIE_CVE-2009-3523

Vulnerability from fkie_nvd - Published: 2009-10-01 17:00 - Updated: 2025-04-09 00:30
Severity ?
Summary
aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerability than CVE-2008-1625.
References
cve@mitre.orghttp://secunia.com/advisories/36858Vendor Advisory
cve@mitre.orghttp://www.avast.com/eng/avast-4-home_pro-revision-history.html
cve@mitre.orghttp://www.ntinternals.org/ntiadv0904/ntiadv0904.htmlExploit
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6024
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36858Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.avast.com/eng/avast-4-home_pro-revision-history.html
af854a3a-2127-422b-91ae-364da2661108http://www.ntinternals.org/ntiadv0904/ntiadv0904.htmlExploit
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6024
Impacted products
Vendor Product Version
avast avast_antivirus_home *
avast avast_antivirus_home 4.7.827
avast avast_antivirus_home 4.7.844
avast avast_antivirus_home 4.7.869
avast avast_antivirus_home 4.7.1043
avast avast_antivirus_home 4.7.1098
avast avast_antivirus_home 4.8.1169
avast avast_antivirus_home 4.8.1195
avast avast_antivirus_home 4.8.1201
avast avast_antivirus_home 4.8.1227
avast avast_antivirus_home 4.8.1229
avast avast_antivirus_home 4.8.1282
avast avast_antivirus_home 4.8.1290
avast avast_antivirus_home 4.8.1296
avast avast_antivirus_home 4.8.1335
avast avast_antivirus_professional *
avast avast_antivirus_professional 4.7.827
avast avast_antivirus_professional 4.7.844
avast avast_antivirus_professional 4.7.1043
avast avast_antivirus_professional 4.7.1098
avast avast_antivirus_professional 4.8.1169
avast avast_antivirus_professional 4.8.1195
avast avast_antivirus_professional 4.8.1201
avast avast_antivirus_professional 4.8.1227
avast avast_antivirus_professional 4.8.1229
avast avast_antivirus_professional 4.8.1282
avast avast_antivirus_professional 4.8.1290
avast avast_antivirus_professional 4.8.1296
avast avast_antivirus_professional 4.8.1335
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:*:*:windows:*:*:*:*:*",
              "matchCriteriaId": "C47AF58C-5BC9-40EC-98F6-48E1B645F4C6",
              "versionEndIncluding": "4.8.1351",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.827:*:windows:*:*:*:*:*",
              "matchCriteriaId": "33A71A2C-36AC-4F36-9D94-AA824F4DE14C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.844:*:windows:*:*:*:*:*",
              "matchCriteriaId": "62618C12-3EAC-4434-B2A8-D83612F1A05C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.869:*:windows:*:*:*:*:*",
              "matchCriteriaId": "B949535B-9771-4AC6-BBDB-8BB3A789A1FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.1043:*:windows:*:*:*:*:*",
              "matchCriteriaId": "DC6DA89A-BF71-4031-9B51-E5941FDE5E15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.7.1098:*:windows:*:*:*:*:*",
              "matchCriteriaId": "DB201D49-EB74-4A5D-B641-86C4429E3EC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.8.1169:*:windows:*:*:*:*:*",
              "matchCriteriaId": "D8C4E148-EAD0-433C-B0C3-3124B0288CC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.8.1195:*:windows:*:*:*:*:*",
              "matchCriteriaId": "1867FC4C-01BC-4FA1-B33F-66CE7D4AD9B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.8.1201:*:windows:*:*:*:*:*",
              "matchCriteriaId": "79057030-D57C-4DAC-B9F9-FE2CED222481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.8.1227:*:windows:*:*:*:*:*",
              "matchCriteriaId": "8CE03B00-0277-4738-8DA6-AFD09830B0DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.8.1229:*:windows:*:*:*:*:*",
              "matchCriteriaId": "921BC39F-E4EC-4B4C-BC7D-8002B7C3A85A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.8.1282:*:windows:*:*:*:*:*",
              "matchCriteriaId": "B03B958E-8FAA-48E4-BD0D-3577B7150284",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.8.1290:*:windows:*:*:*:*:*",
              "matchCriteriaId": "36902F71-4215-40B5-93B5-75A5634D4501",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.8.1296:*:windows:*:*:*:*:*",
              "matchCriteriaId": "0F087F04-EF9C-43F0-95F0-36AD5182F02B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_home:4.8.1335:*:windows:*:*:*:*:*",
              "matchCriteriaId": "1757311C-A432-4056-A480-12713E4E0024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:*:*:windows:*:*:*:*:*",
              "matchCriteriaId": "2C19547C-2369-4228-80CF-0A07735ED6AC",
              "versionEndIncluding": "4.8.1351",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.827:*:windows:*:*:*:*:*",
              "matchCriteriaId": "DF2D8C10-01E4-43D7-93EE-342BA7E9C489",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.844:*:windows:*:*:*:*:*",
              "matchCriteriaId": "AAB7888A-E884-4C73-AF10-698C56E080F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.1043:*:windows:*:*:*:*:*",
              "matchCriteriaId": "1F7F2957-4422-4891-B573-F68882D7C8E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.7.1098:*:windows:*:*:*:*:*",
              "matchCriteriaId": "FC6DE028-27FD-40D7-AD12-F3C648B445E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.8.1169:*:windows:*:*:*:*:*",
              "matchCriteriaId": "FC35E740-8BE7-4479-B684-6E304204B358",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.8.1195:*:windows:*:*:*:*:*",
              "matchCriteriaId": "083372F2-D738-4698-97CF-F71748BE4877",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.8.1201:*:windows:*:*:*:*:*",
              "matchCriteriaId": "38BAD92D-F9D8-4295-B9BD-FFB354937ED4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.8.1227:*:windows:*:*:*:*:*",
              "matchCriteriaId": "0348CFA9-6DC0-4FCE-B6B8-3D0D9086471F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.8.1229:*:windows:*:*:*:*:*",
              "matchCriteriaId": "03B69989-B458-4624-B40F-37A7FCD11BA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.8.1282:*:windows:*:*:*:*:*",
              "matchCriteriaId": "FA7CEE2D-C92B-45A9-89F0-42A7DFAA7DD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.8.1290:*:windows:*:*:*:*:*",
              "matchCriteriaId": "FDCB885F-8175-41B3-A6A6-1A9A3A239548",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.8.1296:*:windows:*:*:*:*:*",
              "matchCriteriaId": "82039FC7-19D9-471C-A781-87D4CCE807CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avast:avast_antivirus_professional:4.8.1335:*:windows:*:*:*:*:*",
              "matchCriteriaId": "B6D8AF4B-27E2-4A7B-A474-AF453F6A22F3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerability than CVE-2008-1625."
    },
    {
      "lang": "es",
      "value": "aavmKer4.sys en avast! Home y Professional para Windows anterior v4.8.1356 no proporciona entradas validad en IOCTLs (1) 0xb2d6000c y (2) 0xb2d60034, que permite a usuarios locales obtener privilegios a trav\u00e9s de peticiones IOCTL usando direcciones de kernel manipuladas que lanzan una ca\u00edda de memoria, una vulnerabilidad diferente que CVE-2008-1625."
    }
  ],
  "id": "CVE-2009-3523",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-10-01T17:00:00.267",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36858"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.avast.com/eng/avast-4-home_pro-revision-history.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.ntinternals.org/ntiadv0904/ntiadv0904.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.avast.com/eng/avast-4-home_pro-revision-history.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.ntinternals.org/ntiadv0904/ntiadv0904.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6024"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.