CVE-2008-6962

CWE-20Improper Input Validation3 documents3 sources
Severity
7.2HIGH
EPSS
0.0%
top 84.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Avira Antivir
Timeline
PublishedAug 13
Latest updateMay 17

Description

Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDavira/antivir6.35.00.00

🔴Vulnerability Details

2
GHSA
GHSA-rf7m-24r8-9hg2: Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a cr2022-05-17
CVEList
CVE-2008-6962: Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a cr2009-08-13
CVE-2008-6962 (HIGH CVSS 7.2) | Avira AntiVir Premium | cvebase.io