Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call.
References
Link | Resource |
---|---|
https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/ | Technical Description Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2016-11-03 03:59
Updated : 2016-11-04 12:03
NVD link : CVE-2016-4025
Mitre link : CVE-2016-4025
JSON object : View
CWE
CWE-254
7PK - Security Features
Products Affected
avast
- email_server_security
- pro_antivirus
- endpoint_protection
- file_server_security
- free_antivirus
- premier
- business_security
- endpoint_protection_suite_plus
- endpoint_protection_suite
- endpoint_protection_plus
- internet_security