CVE-2018-15735

An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000206F.

Published: Jun 21, 2019
Updated: Apr 13, 2023
CVE: CVE-2018-15735
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
stopzilla / antimalware	6.5.2.59	6.5.2.59.x

https://www.greyhathacker.net
https://www.greyhathacker.net/?p=1025

Vulnerability Database

290,206

CVE-2018-15735