CVE-2010-0705

Published: Feb 25, 2010Modified: Apr 29, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly validate input to IOCTL 0xb2d60030, which allows local users to cause a denial of service (system crash) or execute arbitrary code to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption.

Affected (25)

Products: Avast: Avast Antivirus Home, Avast Antivirus Professional

Avast

2 products

Avast Antivirus Home

Avast Antivirus Professional

Configuration A

25 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Avast Avast Antivirus Home	Up to 5.0.396.0
Avast Avast Antivirus Home	Version 4.8.1169
Avast Avast Antivirus Home	Version 4.8.1195
Avast Avast Antivirus Home	Version 4.8.1201
Avast Avast Antivirus Home	Version 4.8.1227
Avast Avast Antivirus Home	Version 4.8.1229
Avast Avast Antivirus Home	Version 4.8.1282
Avast Avast Antivirus Home	Version 4.8.1290
Avast Avast Antivirus Home	Version 4.8.1296
Avast Avast Antivirus Home	Version 4.8.1335
Avast Avast Antivirus Home	Version 4.8.1351
Avast Avast Antivirus Home	Version 4.8.1368.0
Avast Avast Antivirus Professional	Up to 5.0.396.0
Avast Avast Antivirus Professional	Version 4.8.1169
Avast Avast Antivirus Professional	Version 4.8.1195
Avast Avast Antivirus Professional	Version 4.8.1201
Avast Avast Antivirus Professional	Version 4.8.1227
Avast Avast Antivirus Professional	Version 4.8.1229
Avast Avast Antivirus Professional	Version 4.8.1282
Avast Avast Antivirus Professional	Version 4.8.1290
Avast Avast Antivirus Professional	Version 4.8.1296
Avast Avast Antivirus Professional	Version 4.8.1335
Avast Avast Antivirus Professional	Version 4.8.1351
Avast Avast Antivirus Professional	Version 4.8.1356.0
Avast Avast Antivirus Professional	Version 4.8.1368.0