Vulnerabilities > Ikarussecurity

DATE CVE VULNERABILITY TITLE RISK
2017-12-20 CVE-2017-17795 Improper Input Validation vulnerability in Ikarussecurity Anti.Virus 2.16.20
In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83000088.
local
low complexity
ikarussecurity CWE-20
7.8
2017-12-04 CVE-2017-17114 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ikarussecurity Anti.Virus 2.16.15
ntguard.sys and ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 have a Memory Corruption vulnerability via a 0x83000084 DeviceIoControl request.
local
low complexity
ikarussecurity CWE-119
7.8
2017-12-04 CVE-2017-17113 NULL Pointer Dereference vulnerability in Ikarussecurity Anti.Virus 2.16.15
ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a NULL pointer dereference via a 0x830000c4 DeviceIoControl request.
local
low complexity
ikarussecurity CWE-476
5.5
2017-12-04 CVE-2017-17112 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ikarussecurity Anti.Virus 2.16.15
ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a Pool Corruption vulnerability via a 0x83000058 DeviceIoControl request.
local
low complexity
ikarussecurity CWE-119
7.8
2017-11-15 CVE-2017-14961 Improper Input Validation vulnerability in Ikarussecurity Anti.Virus 2.16.7
In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c.
local
low complexity
ikarussecurity CWE-20
7.8
2017-10-19 CVE-2017-15643 HTTP Request Smuggling vulnerability in Ikarussecurity Ikarus Antivirus 2.16.7
An active network attacker (MiTM) can achieve remote code execution on a machine that runs IKARUS Anti Virus 2.16.7.
local
high complexity
ikarussecurity CWE-444
7.4