CVE-2018-18026: Buffer Overflow
First published: Fri Oct 19 2018(Updated: )
IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower versions) is vulnerable to a stack-based buffer overflow. The attacker can use DeviceIoControl to pass a user specified size which can be used to overwrite return addresses. This can lead to a denial of service or code execution attack.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IOBit Malware Fighter | <=6.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2018-18026.
What is the severity of CVE-2018-18026?
The severity of CVE-2018-18026 is high.
What is affected by CVE-2018-18026?
IOBit Malware Fighter versions up to and including 6.2 are affected by CVE-2018-18026.
How can an attacker exploit CVE-2018-18026?
An attacker can exploit CVE-2018-18026 by using DeviceIoControl to pass a user-specified size, which can lead to a stack-based buffer overflow and potentially overwrite return addresses.
Are there any fixes or patches available for CVE-2018-18026?
Please refer to the vendor's website or security advisories for available fixes or patches for CVE-2018-18026.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/event
- agent/tags
- agent/first-publish-date
- agent/description
- agent/source
- vendor/iobit
- canonical/iobit malware fighter
- version/iobit malware fighter/6.2