Improper input validation in Eset Smart_security
CVE-2008-7107
easdrv.sys in ESET Smart Security 3.0.667.0 allows local users to cause a denial of service (crash) via a crafted IOCTL 0x222003 request to the \\.\easdrv device interface.
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.008 (53.0th percentile) — read the EPSS interpretation.
Affected products
- Eset Smart_security — versions 3.0.667.0
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (exploit, x_refsource_EXPLOIT-DB)
- cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_XF)