Vulnerabilities > CVE-2017-16948 - NULL Pointer Dereference vulnerability in Tgsoft Vir.It Explorer 8.5.42

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

tgsoft

CWE-476

NVD

Published: 2017-11-26

Updated: 2017-12-15

Summary

TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a NULL value in a 0x82730008 DeviceIoControl request to \\.\Viragtlt.

Vulnerable Configurations

Part	Description	Count
Application	Tgsoft Tgsoft Vir.It Explorer 8.5.42	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://github.com/k0keoyo/Vir.IT-explorer-Anti-Virus-Null-Pointer-Reference-PoC/tree/master/VirIT_NullPointerReference1