KLA10315
Multiple vulnerabilities in SUPERAntiSpyware
Updated: 06/17/2019
Detect date
?
02/02/2010
Severity
?
High
Description

Multiple serious vulnerabilities have been found in SUPERAntiSpyware. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code and gain privileges. Below is a complete list of vulnerabilities

  1. Unsafe buffers, function parameter handling, unsafe pointer handling or unsafe reading from registers can be exploited locally;
  2. Unsafe array handling can be exploited locally via surplus application starts;
  3. Vectors related to the Kernel mode can be exploited via registry reading;
  4. Lack of access restrictions in tokens can be exploited via token data redaction;
  5. Unsafe granting of privileges can be exploited via manipulations of the token data.
Affected products

SUPERAntiSpyware versions 4.33 and earlier

Solution

Update to latest version

Original advisories

SecList bulletin