Vulnerabilities > CVE-2018-15733 - NULL Pointer Dereference vulnerability in Stopzilla Antimalware 6.5.2.59

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
local
low complexity
stopzilla
CWE-476

Summary

An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains a NULL Pointer Dereference vulnerability due to not validating the size of the output buffer value from IOCtl 0x80002028.

Vulnerable Configurations

Part Description Count
Application
Stopzilla
1

Common Weakness Enumeration (CWE)