{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-1492","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2023-03-18T20:20:37.430Z","datePublished":"2023-03-18T22:31:03.586Z","dateUpdated":"2024-08-02T05:49:11.670Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2023-10-21T09:34:02.324Z"},"title":"Max Secure Anti Virus Plus IoControlCode MaxProc64.sys 0x220019 denial of service","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-404","lang":"en","description":"CWE-404 Denial of Service"}]}],"affected":[{"vendor":"Max Secure","product":"Anti Virus Plus","versions":[{"version":"19.0.2.1","status":"affected"}],"modules":["IoControlCode Handler"]}],"descriptions":[{"lang":"en","value":"A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been declared as problematic. This vulnerability affects the function 0x220019 in the library MaxProc64.sys of the component IoControlCode Handler. The manipulation of the argument SystemBuffer leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-223378 is the identifier assigned to this vulnerability."},{"lang":"de","value":"In Max Secure Anti Virus Plus 19.0.2.1 wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Dabei geht es um die Funktion 0x220019 in der Bibliothek MaxProc64.sys der Komponente IoControlCode Handler. Dank Manipulation des Arguments SystemBuffer mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":5.5,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":5.5,"vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":4.6,"vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:C"}}],"timeline":[{"time":"2023-03-18T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2023-03-18T00:00:00.000Z","lang":"en","value":"CVE reserved"},{"time":"2023-03-18T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2023-04-11T20:03:52.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"Zeze7w (VulDB User)","type":"analyst"}],"references":[{"url":"https://vuldb.com/?id.223378","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.223378","tags":["signature","permissions-required"]},{"url":"https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1492","tags":["related"]},{"url":"https://drive.google.com/file/d/1G_Szy4kCrZU-whGbVcxpdE1yKf5Vxqq3/view","tags":["exploit"]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T05:49:11.670Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.223378","tags":["vdb-entry","technical-description","x_transferred"]},{"url":"https://vuldb.com/?ctiid.223378","tags":["signature","permissions-required","x_transferred"]},{"url":"https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1492","tags":["related","x_transferred"]},{"url":"https://drive.google.com/file/d/1G_Szy4kCrZU-whGbVcxpdE1yKf5Vxqq3/view","tags":["exploit","x_transferred"]}]}]}}