CVE-2018-15732

An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x80002063.
References
Link Resource
https://www.greyhathacker.net Exploit Third Party Advisory
https://www.greyhathacker.net/?p=1025 Exploit Third Party Advisory
https://www.greyhathacker.net Exploit Third Party Advisory
https://www.greyhathacker.net/?p=1025 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:stopzilla:antimalware:6.5.2.59:*:*:*:*:*:*:*

History

21 Nov 2024, 03:51

Type Values Removed Values Added
References () https://www.greyhathacker.net - Exploit, Third Party Advisory () https://www.greyhathacker.net - Exploit, Third Party Advisory
References () https://www.greyhathacker.net/?p=1025 - Exploit, Third Party Advisory () https://www.greyhathacker.net/?p=1025 - Exploit, Third Party Advisory

Information

Published : 2019-06-21 15:15

Updated : 2024-11-21 03:51


NVD link : CVE-2018-15732

Mitre link : CVE-2018-15732

CVE.ORG link : CVE-2018-15732


JSON object : View

Products Affected

stopzilla

  • antimalware
CWE
CWE-20

Improper Input Validation