MidnightBSD

Advisories for watchdogdevelopment

CVE-2017-15920 MEDIUM

In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002054. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
watchdogdevelopment anti-malware 2.74.186.150
watchdogdevelopment online_security_pro 2.74.186.150
CVE-2017-15921 MEDIUM

In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002010. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
watchdogdevelopment anti-malware 2.74.186.150
watchdogdevelopment online_security_pro 2.74.186.150
CVE-2018-6625 MEDIUM

In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002010.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
watchdogdevelopment anti-malware 2.74.186.150
CVE-2018-6627 MEDIUM

In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002054.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
watchdogdevelopment anti-malware 2.74.186.150