//----- Advisory Program : avast! 4.8.1335 Professional Homepage : http://www.avast.com Discovery : 2009/07/29 Author Contacted : 2009/07/31 Found by : Heurs This Advisory : Heurs Contact : heurs@xxxxxxxxxxxxxxxxxxx, s.leberre@xxxxxxxxxxxx //----- Application description Avast! antivirus software represents complete virus protection, offering full desktop security including a resident shield. This antivirus is certified by both ICSA Labs and West Coast Labs Checkmark. //----- Description of vulnerability The File System Filter driver is prone to a local kernel buffer overflow. This vulnerability allows an intruder to gain SYSTEM privileges on a Windows system from a limited user account. //----- Proof Of Concept http://www.sysdream.com/LocalEscalation_Avast.rar //----- Credits http://www.sysdream.com http://ghostsinthestack.org s.leberre at sysdream dot com heurs at ghostsinthestack dot org //----- Greetings Virtualabs
