Vulnerability Details : CVE-2019-6493
Potential exploit
SmartDefragDriver.sys (2.0) in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC0 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool.
Products affected by CVE-2019-6493
- cpe:2.3:a:iobit:smart_defrag:6:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-6493
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 18 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-6493
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST | |
5.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2019-6493
-
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-6493
-
https://www.iobit.com/en/iobitsmartdefrag.php
Macbooster ® Official Site - Download MacBooster 7 - Enjoy a Faster and More Secure MacProduct;Vendor Advisory
-
https://downwithup.github.io/CVEPosts.html
DownWithUp's Github WebsiteExploit;Vendor Advisory
Jump to