CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-16720

In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x1236001c, a related issue to CVE-2018-16304.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.4%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 4.6

References

https://github.com/bsauce/poc/tree/master/jingyun_antivirus_1236001c
https://www.cnvd.org.cn/flaw/show/CNVD-2018-19267
https://github.com/bsauce/poc/tree/master/jingyun_antivirus_1236001c
https://www.cnvd.org.cn/flaw/show/CNVD-2018-19267

Products affected by CVE-2018-16720

V-Secure » Jingyun Antivirus » Version: 2.4.2.39

cpe:2.3:a:v-secure:jingyun_antivirus:2.4.2.39

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-16720

Products

Pricing

Contact Us