Posted by Kyriakos Economou on Feb 22

* CVE: CVE-2015-8620
* Vendor: Avast
* Reported by: Kyriakos Economou
* Date of Release: 17/02/2016
* Affected Products: Multiple
* Affected Version: <= v11.1.2245
* Fixed Version: v11.1.2253

Description:
A heap overflow bug in the Avast Virtualization kernel mode driver (aswSnx.sys) allows a local attacker to elevate his
privileges from any account type and execute code as SYSTEM.

Affected Products:

Avast Internet Security v11.1.2245…