Memory Allocation Vulnerability in AVG Internet Security 2015
CVE-2015-8578

Currently unrated

Key Information:

Vendor: Avg
Status: Internet Security
Vendor: CVE Published:; 16 December 2015

What is CVE-2015-8578?

AVG Internet Security 2015 contains a memory allocation vulnerability that allows the allocation of memory with Read, Write, Execute (RWX) permissions at predictable addresses. This flaw can enable attackers to bypass critical security mechanisms like Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) through unspecified vectors. As a result, malicious actors can exploit this weakness to execute arbitrary code and achieve unauthorized control over user-mode processes, posing significant security risks.

References

http://breakingmalware.com/vulnerabilities/sedating-watch...

x_refsource_MISC

http://www.securityfocus.com/bid/78813

vdb-entryx_refsource_BID

http://blog.ensilo.com/the-av-vulnerability-that-bypasses...

x_refsource_MISC

Timeline

Vulnerability published
Dec 16, 2015
Vulnerability Reserved
Dec 16, 2015

Avg

What is CVE-2015-8578?

References

Timeline