IObit Malware Fighter 9.4.0.776 IOCTL ImfHpRegFilter.sys denegación de servicio

ArtículoHistoriarelacionarjsonxmlCTI

Una vulnerabilidad fue encontrada en IObit Malware Fighter 9.4.0.776 y clasificada como problemática. La función 0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040 en la biblioteca ImfHpRegFilter.sys del componente IOCTL Handler es afectada por esta vulnerabilidad. Mediante la manipulación de un input desconocido se causa una vulnerabilidad de clase denegación de servicio. El advisory puede ser descargado de github.com. La vulnerabilidad es identificada como CVE-2023-1643. El ataque sólo se debe hacer local. Los detalles técnicos son conocidos. Fue declarado como prueba de concepto. El exploit puede ser descargado de drive.google.com.

4 Cambios · 73 Puntos de datos

Campo	Fecha de creación 2023-03-26 22:18	Update 1/3 2023-03-27 07:47	Update 2/3 2023-04-15 12:02	Update 3/3 2023-04-15 12:09
software_vendor	IObit	IObit	IObit	IObit
software_name	Malware Fighter	Malware Fighter	Malware Fighter	Malware Fighter
software_version	9.4.0.776	9.4.0.776	9.4.0.776	9.4.0.776
software_component	IOCTL Handler	IOCTL Handler	IOCTL Handler	IOCTL Handler
software_library	ImfHpRegFilter.sys	ImfHpRegFilter.sys	ImfHpRegFilter.sys	ImfHpRegFilter.sys
software_function	0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040	0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040	0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040	0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040
vulnerability_cwe	CWE-404 (denegación de servicio)	CWE-404 (denegación de servicio)	CWE-404 (denegación de servicio)	CWE-404 (denegación de servicio)
vulnerability_risk	1	1	1	1
cvss3_vuldb_av	L	L	L	L
cvss3_vuldb_ac	L	L	L	L
cvss3_vuldb_pr	L	L	L	L
cvss3_vuldb_ui	N	N	N	N
cvss3_vuldb_s	U	U	U	U
cvss3_vuldb_c	N	N	N	N
cvss3_vuldb_i	N	N	N	N
cvss3_vuldb_a	H	H	H	H
cvss3_vuldb_e	P	P	P	P
cvss3_vuldb_rc	R	R	R	R
advisory_url	https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned37	https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1643	https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1643	https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1643
exploit_availability	1	1	1	1
exploit_publicity	1	1	1	1
exploit_url	https://drive.google.com/file/d/1dHdltwenfMdwAPeb3JPex0fHxfK_iLYh/view	https://drive.google.com/file/d/1dHdltwenfMdwAPeb3JPex0fHxfK_iLYh/view	https://drive.google.com/file/d/1dHdltwenfMdwAPeb3JPex0fHxfK_iLYh/view	https://drive.google.com/file/d/1dHdltwenfMdwAPeb3JPex0fHxfK_iLYh/view
source_cve	CVE-2023-1643	CVE-2023-1643	CVE-2023-1643	CVE-2023-1643
cna_responsible	VulDB	VulDB	VulDB	VulDB
advisory_date	1679785200 (2023-03-26)	1679785200 (2023-03-26)	1679785200 (2023-03-26)	1679785200 (2023-03-26)
software_type	Anti-Malware Software	Anti-Malware Software	Anti-Malware Software	Anti-Malware Software
cvss2_vuldb_av	L	L	L	L
cvss2_vuldb_ac	L	L	L	L
cvss2_vuldb_ci	N	N	N	N
cvss2_vuldb_ii	N	N	N	N
cvss2_vuldb_ai	C	C	C	C
cvss2_vuldb_e	POC	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR	UR
cvss2_vuldb_au	S	S	S	S
cvss2_vuldb_rl	ND	ND	ND	ND
cvss3_vuldb_rl	X	X	X	X
cvss2_vuldb_basescore	4.6	4.6	4.6	4.6
cvss2_vuldb_tempscore	3.9	3.9	3.9	3.9
cvss3_vuldb_basescore	5.5	5.5	5.5	5.5
cvss3_vuldb_tempscore	5.0	5.0	5.0	5.0
cvss3_meta_basescore	5.5	5.5	5.5	5.5
cvss3_meta_tempscore	5.0	5.0	5.0	5.3
price_0day	$0-$5k	$0-$5k	$0-$5k	$0-$5k
cve_assigned			1679785200 (2023-03-26)	1679785200 (2023-03-26)
cve_nvd_summary			A vulnerability has been found in IObit Malware Fighter 9.4.0.776 and classified as problematic. Affected by this vulnerability is the function 0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040 in the library ImfHpRegFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224023.	A vulnerability has been found in IObit Malware Fighter 9.4.0.776 and classified as problematic. Affected by this vulnerability is the function 0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040 in the library ImfHpRegFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224023.
cvss3_nvd_av				L
cvss3_nvd_ac				L
cvss3_nvd_pr				L
cvss3_nvd_ui				N
cvss3_nvd_s				U
cvss3_nvd_c				N
cvss3_nvd_i				N
cvss3_nvd_a				H
cvss2_nvd_av				L
cvss2_nvd_ac				L
cvss2_nvd_au				S
cvss2_nvd_ci				N
cvss2_nvd_ii				N
cvss2_nvd_ai				C
cvss3_cna_av				L
cvss3_cna_ac				L
cvss3_cna_pr				L
cvss3_cna_ui				N
cvss3_cna_s				U
cvss3_cna_c				N
cvss3_cna_i				N
cvss3_cna_a				H
cve_cna				VulDB
cvss2_nvd_basescore				4.6
cvss3_nvd_basescore				5.5
cvss3_cna_basescore				5.5

◂ Anterior Visión De Conjunto Próximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!