Iobit : Security vulnerabilities, CVEs published in 2019

Copy

CVE-2019-6494

IMFForceDelete.sys in IObit Malware Fighter 6.2 allows a low privileged user to send IOCTL 0x8016E000 along with a user defined string to a file; that file will be promptly deleted regardless of access controls.

Max CVSS

6.5

EPSS Score

0.06%

Published

2019-04-30

Updated

2020-08-24

CVE-2019-6493

SmartDefragDriver.sys (2.0) in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC0 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool.

Max CVSS

5.5

EPSS Score

0.05%

Published

2019-04-11

Updated

2020-08-24

CVE-2019-6492

SmartDefragDriver.sys (2.0) in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC4 is called. This kernel pointer can be leaked if the kernel pool becomes a "big" pool.

Max CVSS

5.5

EPSS Score

0.05%

Published

2019-03-21

Updated

2020-08-24

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!