CVE-2023-1587

CWE-476 — NULL Pointer Dereference5 documents5 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 80.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Avast Antivirus AVG Anti-virus Avast Avast Antivirus +1 more

Timeline

PublishedApr 19

Description

Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface. The issue was fixed with Avast and AVG Antivirus version 22.11

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:HExploitability: 1.0 | Impact: 4.7

Affected Packages4 packages

▶NVDavast/antivirus22.5 — 22.11

▶CVEListV5avast/avast_antivirus22.5 — 22.10

▶CVEListV5avg/avg_antivirus22.5 — 22.10

▶NVDavg/anti-virus22.5 — 22.11

🔴Vulnerability Details

CVEList

CVE-2023-1587: Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface↗2023-04-19

▶

GHSA

GHSA-2778-cfx6-g2xp: Avast and AVG Antivirus for Windows were susceptible to a NULL pointer dereference issue via RPC-interface↗2023-04-19

▶

📋Vendor Advisories

Oracle

Oracle Oracle Analytics Risk Matrix: Analytics Server (PCRE2) — CVE-2022-1587↗2023-04-15

▶

Microsoft

Microsoft Edge (Chromium-based) Spoofing Vulnerability↗2023-02-14

▶