CVE-2018-15735

An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206F.
References
Link Resource
https://www.greyhathacker.net Exploit Third Party Advisory
https://www.greyhathacker.net/?p=1025 Exploit Third Party Advisory
https://www.greyhathacker.net Exploit Third Party Advisory
https://www.greyhathacker.net/?p=1025 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:stopzilla:antimalware:6.5.2.59:*:*:*:*:*:*:*

History

21 Nov 2024, 03:51

Type Values Removed Values Added
References () https://www.greyhathacker.net - Exploit, Third Party Advisory () https://www.greyhathacker.net - Exploit, Third Party Advisory
References () https://www.greyhathacker.net/?p=1025 - Exploit, Third Party Advisory () https://www.greyhathacker.net/?p=1025 - Exploit, Third Party Advisory

Information

Published : 2019-06-21 15:15

Updated : 2024-11-21 03:51


NVD link : CVE-2018-15735

Mitre link : CVE-2018-15735

CVE.ORG link : CVE-2018-15735


JSON object : View

Products Affected

stopzilla

  • antimalware
CWE
CWE-20

Improper Input Validation