CVE-2016-4025

MEDIUM Year: 2016
CVSS v3 Score
5.5
Medium
CVSS v2 Score
2.1
Low
Weakness Type
CWE-254
View all →

Vulnerability Description

Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call.

Related Vulnerabilities

CVE-2015-3170

MEDIUM
CVSS:5.5(Medium)

selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .conf...

CWE-2542015

CVE-2015-7837

MEDIUM
CVSS:5.5(Medium)

The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot res...

CWE-2542015

CVE-2015-8777

MEDIUM
CVSS:5.5(Medium)

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER...

CWE-2542015

CVE-2015-8986

MEDIUM
CVSS:5.5(Medium)

Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, th...

CWE-2542015

CVE-2016-0181

MEDIUM
CVSS:5.5(Medium)

Microsoft Windows 10 Gold and 1511 allows local users to bypass the Virtual Secure Mode Hypervisor Code Integrity (HVCI) protection mechanism and perform RWX markings of kernel-mode pages via a crafte...

CWE-2542016

CVE-2016-10332

MEDIUM
CVSS:5.5(Medium)

In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications.

CWE-2542016