mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of service (crash) via a crafted size in an unspecified IOCTL call, which triggers an out-of-bounds read. NOTE: some of these details are obtained from third party information.
References
Configurations
History
21 Nov 2024, 02:03
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.osvdb.org/114249 - | |
References | () https://www.malwarebytes.org/support/releasehistory/ - |
Information
Published : 2015-01-13 15:59
Updated : 2024-11-21 02:03
NVD link : CVE-2014-100039
Mitre link : CVE-2014-100039
CVE.ORG link : CVE-2014-100039
JSON object : View
Products Affected
malwarebytes
- malwarebytes_anti-exploit
CWE
CWE-20
Improper Input Validation