Vulnerabilities > CVE-2020-8508 - Out-of-bounds Write vulnerability in Norman Malware Cleaner 2.08.08

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

norman

CWE-787

critical

NVD

Published: 2020-02-03

Updated: 2020-02-06

Summary

nsak64.sys in Norman Malware Cleaner 2.08.08 allows users to call arbitrary kernel functions because the passing of function pointers between user and kernel mode is mishandled.

Vulnerable Configurations

Part	Description	Count
Application	Norman Norman Malware Cleaner 2.08.08	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://downwithup.github.io/CVEPosts.html