Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call.
References
Link | Resource |
---|---|
https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/ | Technical Description Third Party Advisory |
https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/ | Technical Description Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 02:51
Type | Values Removed | Values Added |
---|---|---|
References | () https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/ - Technical Description, Third Party Advisory |
Information
Published : 2016-11-03 10:59
Updated : 2024-11-21 02:51
NVD link : CVE-2016-4025
Mitre link : CVE-2016-4025
CVE.ORG link : CVE-2016-4025
JSON object : View
Products Affected
avast
- file_server_security
- business_security
- endpoint_protection_plus
- free_antivirus
- pro_antivirus
- endpoint_protection_suite
- premier
- endpoint_protection
- email_server_security
- endpoint_protection_suite_plus
- internet_security
CWE
CWE-254
7PK - Security Features