The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Avast AV

vulnerability alert CVE-2015-8620

Avast Antivirus: buffer overflow of aswSnx.sys

Synthesis of the vulnerability

An attacker can generate a buffer overflow in aswSnx.sys of Avast, in order to trigger a denial of service, and possibly to run code with system privileges.
Impacted products: Avast AV.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on service.
Provenance: user shell.
Creation date: 23/02/2016.
Revision date: 16/06/2017.
Identifiers: CVE-2015-8620, VIGILANCE-VUL-19011, ZDI-16-681.

Description of the vulnerability

The Avast product installs the aswSnx.sys (Avast Virtualization) driver.

However, if the size of data is greater than the size of the storage array, an overflow occurs in aswSnx.sys.

An attacker can therefore generate a buffer overflow in aswSnx.sys of Avast, in order to trigger a denial of service, and possibly to run code with system privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-8307 CVE-2017-8308

Avast Antivirus: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Avast Antivirus.
Impacted products: Avast AV.
Severity: 2/4.
Consequences: privileged access/rights, denial of service on service.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 2.
Creation date: 28/04/2017.
Identifiers: CVE-2017-8307, CVE-2017-8308, TWSL2017-009, VIGILANCE-VUL-22585.

Description of the vulnerability

Several vulnerabilities were announced in Avast Antivirus.

An attacker can trigger a fatal error via LPC interface API, in order to trigger a denial of service. [severity:1/4; CVE-2017-8307]

An attacker can bypass security features via Trusted Arbitrary Process, in order to escalate his privileges. [severity:2/4; CVE-2017-8308]
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2017-5565 CVE-2017-5566 CVE-2017-5567

Antivirus: privilege escalation via Microsoft Application Verifier

Synthesis of the vulnerability

An attacker can bypass restrictions via Microsoft Application Verifier of Antivirus, in order to escalate his privileges.
Impacted products: Avast AV, NOD32 Antivirus, F-Secure AV, AVG AntiVirus, McAfee MOVE AntiVirus, VirusScan, Norton Antivirus, Norton Internet Security, Panda AV, Panda Internet Security, TrendMicro Internet Security, OfficeScan.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 5.
Creation date: 22/03/2017.
Identifiers: 1116957, CVE-2017-5565, CVE-2017-5566, CVE-2017-5567, CVE-2017-6186, CVE-2017-6417, VIGILANCE-VUL-22211.

Description of the vulnerability

An attacker can bypass restrictions via Microsoft Application Verifier of Antivirus, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin 21973

Avast Antivirus: vulnerability via the SafeZone function for browser

Synthesis of the vulnerability

A vulnerability via the SafeZone for browser extension from Avast Antivirus was announced.
Impacted products: Avast AV.
Severity: 2/4.
Consequences: unknown consequence, administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, data flow, denial of service on server, denial of service on service, denial of service on client, disguisement.
Provenance: internet server.
Creation date: 28/02/2017.
Identifiers: VIGILANCE-VUL-21973.

Description of the vulnerability

A vulnerability via the SafeZone for browser extension from Avast Antivirus was announced.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability 21865

Avast: denial of service via aswSp.sys

Synthesis of the vulnerability

An attacker can generate a fatal error via aswSp.sys of Avast, in order to trigger a denial of service.
Impacted products: Avast AV.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: user shell.
Creation date: 16/02/2017.
Identifiers: FG-VD-16-060, FG-VD-16-061, VIGILANCE-VUL-21865.

Description of the vulnerability

An attacker can generate a fatal error via aswSp.sys of Avast, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2016-4025

Avast: escape from Sandbox

Synthesis of the vulnerability

An attacker can use an IOCTL of Avast, in order to create a file from an application protected by the sandbox.
Impacted products: Avast AV.
Severity: 1/4.
Consequences: data creation/edition.
Provenance: user shell.
Creation date: 21/04/2016.
Identifiers: CVE-2016-4025, VIGILANCE-VUL-19429.

Description of the vulnerability

The Avast product installs the aswSnx.sys (Avast Virtualization) driver, which offers a Sandbox service to jail applications.

However, using snxhk.dll and the IOCTL 0x82AC0168, an attacker can escape from jail, to create a file.

An attacker can therefore use an IOCTL of Avast, in order to create a file from an application protected by the sandbox.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2016-3986

Avast: memory corruption via Authenticode

Synthesis of the vulnerability

An attacker can send a PE file with malicious Authenticode data, to generate a memory corruption in Avast, in order to trigger a denial of service, and possibly to run code.
Impacted products: Avast AV.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on service.
Provenance: document.
Creation date: 07/03/2016.
Identifiers: CVE-2016-3986, VIGILANCE-VUL-19110.

Description of the vulnerability

An executable program in PE format contains Authenticode data, to authenticate the author.

However, when Avast analyzes these data, the StreamHashClose() function corrupts its memory.

An attacker can therefore send a PE file with malicious Authenticode data, to generate a memory corruption in Avast, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert 18786

Avast: escape from Sandbox

Synthesis of the vulnerability

An attacker can use HWND_BROADCAST to escape the Sandbox of Avast, in order to execute code with no constraint.
Impacted products: Avast AV.
Severity: 2/4.
Consequences: user access/rights.
Provenance: user shell.
Creation date: 21/01/2016.
Identifiers: VIGILANCE-VUL-18786.

Description of the vulnerability

The Avast product offers a Sandbox service to jail applications.

However, a HWND_BROADCAST message can send characters to a cmd.exe process, in order to escape from the jail.

An attacker can therefore use HWND_BROADCAST to escape the Sandbox of Avast, in order to execute code with no constraint.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert 18531

Avast: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Avast.
Impacted products: Avast AV.
Severity: 3/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 15/12/2015.
Identifiers: VIGILANCE-VUL-18531.

Description of the vulnerability

Several vulnerabilities were announced in Avast.

An attacker can generate an integer overflow in filevirus_ttf, in order to trigger a denial of service, and possibly to run code. [severity:3/4]

An attacker can force a read at an invalid address in JetDb::IsExploited4x, in order to trigger a denial of service. [severity:2/4]

An attacker can generate a buffer overflow in MoleBox, in order to trigger a denial of service, and possibly to run code. [severity:3/4]

An attacker can generate a memory corruption in PEncrypt, in order to trigger a denial of service, and possibly to run code. [severity:3/4]

An attacker can generate a buffer overflow in IntToExt, in order to trigger a denial of service, and possibly to run code. [severity:3/4]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2015-5662

Avast: file moved/deleted via ZIP

Synthesis of the vulnerability

An attacker can send a malicious ZIP file to Avast, in order to force a file to be moved/deleted.
Impacted products: Avast AV.
Severity: 2/4.
Consequences: data creation/edition, data deletion.
Provenance: document.
Creation date: 16/10/2015.
Identifiers: CVE-2015-5662, JVN#25576608, VIGILANCE-VUL-18128.

Description of the vulnerability

The Avast product moves or deletes files containing viruses.

However, when a ZIP archive is processed, the filename comes from the archive, but the move/delete operation is performed on the filesystem.

An attacker can therefore send a malicious ZIP file to Avast, in order to force a file to be moved/deleted.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Avast AV: