CVE-2010-2031

Kingsoft Webshield < 3.5.1.2 - Memory Corruption

Title source: rule

Description

KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device.

Exploits (1)

exploitdb WORKING POC

by Xuanyuan Smart · clocalwindows

https://www.exploit-db.com/exploits/12710

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://secunia.com/advisories/39916

[Exploit] http://www.exploit-db.com/exploits/12710

[Exploit] http://www.securityfocus.com/bid/40342

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/58780

Scores

EPSS 0.0012

EPSS Percentile 31.3%

Details

CWE

CWE-119

Status published

Products (1)

kingsoft/webshield < 3.5.1.2

Published May 24, 2010

Tracked Since Feb 18, 2026