CVE-2010-5075

Avast! Internet Security <5.0 - DoS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-5075. PoCs published by x90c.

AI-analyzed exploit summary This exploit demonstrates a memory pool corruption vulnerability in Avast! Internet Security 5.0's 'aswFW.sys' kernel driver via an IOCTL call (0x829C0964). The PoC triggers an integer overflow during pool allocation and a subsequent buffer overflow, leading to a kernel panic (DoS).

Description

Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW.

Exploits (1)

exploitdb WORKING POC
by x90c · textdoswindows
https://www.exploit-db.com/exploits/14533

This exploit demonstrates a memory pool corruption vulnerability in Avast! Internet Security 5.0's 'aswFW.sys' kernel driver via an IOCTL call (0x829C0964). The PoC triggers an integer overflow during pool allocation and a subsequent buffer overflow, leading to a kernel panic (DoS).

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Avast! Internet Security 5.0 (aswFW.sys 5.0.594.0)
No auth needed
Prerequisites: Local access to the system · Avast! Internet Security 5.0 installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Scores

EPSS 0.0091
EPSS Percentile 55.2%

Details

CWE
CWE-189
Status published
Products (1)
avast\!/avast\!_internet_security 5.0
Published Dec 28, 2014
Tracked Since Feb 18, 2026