Multiple vulnerabilities in SUPERAntiSpyware
Updated: 06/17/2019
Detect date

Multiple serious vulnerabilities have been found in SUPERAntiSpyware. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code and gain privileges. Below is a complete list of vulnerabilities

  1. Unsafe buffers, function parameter handling, unsafe pointer handling or unsafe reading from registers can be exploited locally;
  2. Unsafe array handling can be exploited locally via surplus application starts;
  3. Vectors related to the Kernel mode can be exploited via registry reading;
  4. Lack of access restrictions in tokens can be exploited via token data redaction;
  5. Unsafe granting of privileges can be exploited via manipulations of the token data.
Affected products

SUPERAntiSpyware versions 4.33 and earlier


Update to latest version

Original advisories

SecList bulletin