CVE-2022-4291
7.7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Summary
The aswjsflt.dll library from Avast Antivirus windows contained a potentially exploitable heap corruption vulnerability that could enable an attacker to bypass the sandbox of the application it was loaded into, if applicable. This issue was fixed in version 18.0.1478 of the Script Shield Component.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NortonLifelock | Avast Antivirus | 0 <= 18.0.1473.0 | affected |
Weaknesses
- CWE-119: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.