CVE-2009-3523: Input Validation
First published: Thu Oct 01 2009(Updated: )
aavmKer4.sys in avast! Home and Professional for Windows before 4.8.1356 does not properly validate input to IOCTLs (1) 0xb2d6000c and (2) 0xb2d60034, which allows local users to gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption, a different vulnerability than CVE-2008-1625.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Avast Antivirus | <=4.8.1351 | |
| Avast Antivirus | =4.7.827 | |
| Avast Antivirus | =4.7.844 | |
| Avast Antivirus | =4.7.869 | |
| Avast Antivirus | =4.7.1043 | |
| Avast Antivirus | =4.7.1098 | |
| Avast Antivirus | =4.8.1169 | |
| Avast Antivirus | =4.8.1195 | |
| Avast Antivirus | =4.8.1201 | |
| Avast Antivirus | =4.8.1227 | |
| Avast Antivirus | =4.8.1229 | |
| Avast Antivirus | =4.8.1282 | |
| Avast Antivirus | =4.8.1290 | |
| Avast Antivirus | =4.8.1296 | |
| Avast Antivirus | =4.8.1335 | |
| Avast Pro Antivirus | <=4.8.1351 | |
| Avast Pro Antivirus | =4.7.827 | |
| Avast Pro Antivirus | =4.7.844 | |
| Avast Pro Antivirus | =4.7.1043 | |
| Avast Pro Antivirus | =4.7.1098 | |
| Avast Pro Antivirus | =4.8.1169 | |
| Avast Pro Antivirus | =4.8.1195 | |
| Avast Pro Antivirus | =4.8.1201 | |
| Avast Pro Antivirus | =4.8.1227 | |
| Avast Pro Antivirus | =4.8.1229 | |
| Avast Pro Antivirus | =4.8.1282 | |
| Avast Pro Antivirus | =4.8.1290 | |
| Avast Pro Antivirus | =4.8.1296 | |
| Avast Pro Antivirus | =4.8.1335 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2009-3523?
CVE-2009-3523 is classified as a high severity vulnerability due to its ability to allow local users to gain elevated privileges.
How do I fix CVE-2009-3523?
To mitigate CVE-2009-3523, update to the latest version of Avast Antivirus that is patched against this vulnerability.
What versions are affected by CVE-2009-3523?
CVE-2009-3523 affects multiple versions of Avast Antivirus, specifically versions prior to 4.8.1356.
Can CVE-2009-3523 be exploited remotely?
No, CVE-2009-3523 can only be exploited locally by authenticated users.
What type of vulnerability is CVE-2009-3523?
CVE-2009-3523 is a privilege escalation vulnerability that results from improper input validation in the driver.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/avast
- canonical/avast antivirus
- version/avast antivirus/4.8.1351
- version/avast antivirus/4.7.827
- version/avast antivirus/4.7.844
- version/avast antivirus/4.7.869
- version/avast antivirus/4.7.1043
- version/avast antivirus/4.7.1098
- version/avast antivirus/4.8.1169
- version/avast antivirus/4.8.1195
- version/avast antivirus/4.8.1201
- version/avast antivirus/4.8.1227
- version/avast antivirus/4.8.1229
- version/avast antivirus/4.8.1282
- version/avast antivirus/4.8.1290
- version/avast antivirus/4.8.1296
- version/avast antivirus/4.8.1335
- canonical/avast pro antivirus
- version/avast pro antivirus/4.8.1351
- version/avast pro antivirus/4.7.827
- version/avast pro antivirus/4.7.844
- version/avast pro antivirus/4.7.1043
- version/avast pro antivirus/4.7.1098
- version/avast pro antivirus/4.8.1169
- version/avast pro antivirus/4.8.1195
- version/avast pro antivirus/4.8.1201
- version/avast pro antivirus/4.8.1227
- version/avast pro antivirus/4.8.1229
- version/avast pro antivirus/4.8.1282
- version/avast pro antivirus/4.8.1290
- version/avast pro antivirus/4.8.1296
- version/avast pro antivirus/4.8.1335