CyberSec.Space Logo
Back to CVE Browser

CVE-2018-12572

HIGH
7.8
CVSS Severity Score
EPSS Score0.1160%
EPSS Percentile33.47th
PublishedMar 21, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.

Affected Platforms (CPE)

📦
Avast

Free Antivirus

< 19.1.2360

References & Advisories

🔗 http://packetstormsecurity.com/files/151590/Avast-Anti-Virus-Local-Credential-Disclosure.html
🔗 http://packetstormsecurity.com/files/151590/Avast-Anti-Virus-Local-Credential-Disclosure.html

Related Vulnerabilities

CVE-2020-89619.8

An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. The Self-Protection feature does not prohibit a write opera...

CVE-2010-31269.3

Untrusted search path vulnerability in avast! Free Antivirus version 5.0.594 and earlier allows local users, and possibly remote a...

CVE-2008-54099.3

Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Intern...

CVE-2019-185688.8

Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege escalation through the execution of kernel code from a restricte...