Security Advisory

CVE-2017-15920

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-10-30 15:00:00

Last updated 2024-08-05 20:04:50

Assigner mitre

State PUBLISHED

Description

In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002054. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated.

← Browse all CVEs View on cve.org ↗