Integer Overflow Vulnerability in Avast! Internet Security 5.0 Kernel Driver
CVE-2010-5075

Currently unrated

Key Information:

Vendor: Avast\!
Status: Avast\! Internet Security
Vendor: CVE Published:; 28 December 2014

What is CVE-2010-5075?

An integer overflow vulnerability exists in the aswFW.sys kernel driver of Avast! Internet Security 5.0 Korean Trial. This issue allows local users to send a specially crafted DeviceIoControl request, leading to memory corruption and potentially causing a denial of service by triggering a system panic. It is crucial for users of the affected versions to take appropriate security measures to mitigate the risks associated with this vulnerability.

References

http://www.securityfocus.com/bid/42148

vdb-entryx_refsource_BID

https://web.archive.org/web/20120228033302/http://www.x90...

x_refsource_MISC

http://x90c.blogspot.com/2011/11/avast-internet-security-...

x_refsource_MISC

Timeline

Vulnerability published
Dec 28, 2014
Vulnerability Reserved
Dec 9, 2011

Avast\!

What is CVE-2010-5075?

References

Timeline