Use-After-Free Vulnerability in Avira Management Console Update Manager
CVE-2015-7303

Currently unrated

Key Information:

Vendor: Avira
Status: Management Console
Vendor: CVE Published:; 21 September 2015

What is CVE-2015-7303?

This vulnerability arises in the Update Manager service of the Avira Management Console, where improper memory management can lead to a use-after-free condition. Attackers can exploit this flaw by sending a carefully crafted request with a large header, which may enable them to execute arbitrary code on the affected system. This poses significant risks to the integrity and confidentiality of user data.

References

http://www.zerodayinitiative.com/advisories/ZDI-15-445

x_refsource_MISC

EPSS Score

9% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 21, 2015