HomePentest-Tools.com Logo

Avast Free Antivirus Multiple Vulnerabilities CVE-2017-8308CVE-2017-8307

Severity
CVSSv3 Score
7.5
Vulnerability description

Avast Free Antivirus is prone to multiple vulnerabilities.

Risk description

Multiple flaws exist due to design errors in the application. Using LPC interface API exposed by the AvastSVC.exe Windows service it is possible to delete arbitrary file, replace arbitrary file and launch predefined binaries. Successful exploitation will allow attackers to conduct a denial-of-service condition, execute arbitrary code and bypass certain security features on the affected system.

Recommendation

Upgrade to Avast Free Antivirus version 17.0 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Apr 27, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available