Vulnerabilities > CVE-2015-7303 - Unspecified vulnerability in Avira Management Console

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

avira

critical

NVD

Published: 2015-09-21

Updated: 2015-09-23

Summary

Use-after-free vulnerability in the Update Manager service in Avira Management Console allows remote attackers to execute arbitrary code via a large header. <a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>

Vulnerable Configurations

Part	Description	Count
Application	Avira Avira Management Console *	1

References

http://www.zerodayinitiative.com/advisories/ZDI-15-445