Vulnerabilities > CVE-2023-1646 - Out-of-bounds Write vulnerability in Iobit Malware Fighter 9.4.0.776

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

iobit

CWE-787

NVD

Published: 2023-03-26

Updated: 2024-04-11

Summary

A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been declared as critical. This vulnerability affects the function 0x8018E000/0x8018E004 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224026 is the identifier assigned to this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Iobit Iobit Malware Fighter 9.4.0.776	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://vuldb.com/?ctiid.224026
https://vuldb.com/?id.224026
https://drive.google.com/file/d/1GITWzh29cRcycVqVJgMJuX6emE_f1KPV/view
https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1646