CVE-2018-10098

Published: Jul 13, 2018Modified: Nov 21, 2024

5.5

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In MicroWorld eScan Internet Security Suite (ISS) for Business 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of service (BSOD).

Affected (1)

Products: Escanav: Escan Internet Security Suite

Escanav

1 product

Escan Internet Security Suite

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Escanav Escan Internet Security Suite	Version 14.0.1400.2029

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (2)

http://seclists.org/fulldisclosure/2018/Jul/53

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2018/Jul/53

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

Timeline

No history available yet.