Search

Find a vulnerability

Search criteria

    20 vulnerabilities found for Malware Fighter by IObit

    CVE-2026-12201 (GCVE-0-2026-12201)

    Vulnerability from nvd – Published: 2026-06-15 00:30 – Updated: 2026-06-15 19:25 X_Freeware
    VLAI
    Title
    IObit Malware Fighter DLL permission
    Summary
    A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handler. This manipulation causes permission issues. The attack requires local access. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-275 - Permission Issues
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 13.0
    Affected: 13.1
    Affected: 13.2.0
        cpe:2.3:a:iobit:malware_fighter:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    nathan2 (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-12201",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-15T16:32:10.193227Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-15T19:25:21.144Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:iobit:malware_fighter:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "DLL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.0"
                },
                {
                  "status": "affected",
                  "version": "13.1"
                },
                {
                  "status": "affected",
                  "version": "13.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "nathan2 (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handler. This manipulation causes permission issues. The attack requires local access. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.3,
                "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-275",
                  "description": "Permission Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T00:30:08.901Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-370844 | IObit Malware Fighter DLL permission",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/370844"
            },
            {
              "name": "VDB-370844 | CTI Indicators (IOB, IOC, TTP)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/370844/cti"
            },
            {
              "name": "CVE-2026-12201 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-12201"
            },
            {
              "name": "Submit #829913 | IObit Malware Fighter 13.2.0 Insecure Permissions in Driver",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/829913"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/nasawyer7/IObitDriverav"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://nathan2.com/posts/iobit/"
            }
          ],
          "tags": [
            "x_freeware"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-14T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-06-14T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-06-14T13:48:29.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter DLL permission"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-12201",
        "datePublished": "2026-06-15T00:30:08.901Z",
        "dateReserved": "2026-06-14T11:43:26.123Z",
        "dateUpdated": "2026-06-15T19:25:21.144Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-1646 (GCVE-0-2023-1646)

    Vulnerability from nvd – Published: 2023-03-26 22:31 – Updated: 2024-08-02 05:57
    VLAI
    Title
    IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E004 stack-based overflow
    Summary
    A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been declared as critical. This vulnerability affects the function 0x8018E000/0x8018E004 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224026 is the identifier assigned to this vulnerability.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.210Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224026"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224026"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1646"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1GITWzh29cRcycVqVJgMJuX6emE_f1KPV/view"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been declared as critical. This vulnerability affects the function 0x8018E000/0x8018E004 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224026 is the identifier assigned to this vulnerability."
            },
            {
              "lang": "de",
              "value": "In IObit Malware Fighter 9.4.0.776 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Das betrifft die Funktion 0x8018E000/0x8018E004 in der Bibliothek IMFCameraProtect.sys der Komponente IOCTL Handler. Dank der Manipulation mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.3,
                "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:37:02.485Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224026"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224026"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1646"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1GITWzh29cRcycVqVJgMJuX6emE_f1KPV/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T12:55:08.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E004 stack-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1646",
        "datePublished": "2023-03-26T22:31:03.470Z",
        "dateReserved": "2023-03-26T20:12:29.000Z",
        "dateUpdated": "2024-08-02T05:57:24.210Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1645 (GCVE-0-2023-1645)

    Vulnerability from nvd – Published: 2023-03-26 22:00 – Updated: 2025-02-13 21:01
    VLAI
    Title
    IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E008 denial of service
    Summary
    A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been classified as problematic. This affects the function 0x8018E008 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-224025 was assigned to this vulnerability.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.346Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224025"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224025"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1645"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1RmFSm1sQWwQXPXjkeZtgf8q51hGD8tTf/view"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1645",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-13T21:00:15.837211Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-13T21:01:55.475Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been classified as problematic. This affects the function 0x8018E008 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-224025 was assigned to this vulnerability."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in IObit Malware Fighter 9.4.0.776 ausgemacht. Sie wurde als problematisch eingestuft. Es betrifft die Funktion 0x8018E008 in der Bibliothek IMFCameraProtect.sys der Komponente IOCTL Handler. Durch Beeinflussen mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:35:49.079Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224025"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224025"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1645"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1RmFSm1sQWwQXPXjkeZtgf8q51hGD8tTf/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T12:40:05.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E008 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1645",
        "datePublished": "2023-03-26T22:00:05.829Z",
        "dateReserved": "2023-03-26T20:12:25.162Z",
        "dateUpdated": "2025-02-13T21:01:55.475Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1644 (GCVE-0-2023-1644)

    Vulnerability from nvd – Published: 2023-03-26 22:00 – Updated: 2024-11-22 20:57
    VLAI
    Title
    IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E010 denial of service
    Summary
    A vulnerability was found in IObit Malware Fighter 9.4.0.776 and classified as problematic. Affected by this issue is the function 0x8018E010 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224024.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.905Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224024"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224024"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1644"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1TVezyDiS9Kyw7ttNlLBCstpEUqxozha0/view"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1644",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-01T21:49:15.733142Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-22T20:57:51.357Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in IObit Malware Fighter 9.4.0.776 and classified as problematic. Affected by this issue is the function 0x8018E010 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224024."
            },
            {
              "lang": "de",
              "value": "Eine Schwachstelle wurde in IObit Malware Fighter 9.4.0.776 gefunden. Sie wurde als problematisch eingestuft. Hierbei geht es um die Funktion 0x8018E010 in der Bibliothek IMFCameraProtect.sys der Komponente IOCTL Handler. Durch das Beeinflussen mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:34:35.797Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224024"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224024"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1644"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1TVezyDiS9Kyw7ttNlLBCstpEUqxozha0/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T12:24:30.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E010 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1644",
        "datePublished": "2023-03-26T22:00:04.658Z",
        "dateReserved": "2023-03-26T20:12:21.191Z",
        "dateUpdated": "2024-11-22T20:57:51.357Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1643 (GCVE-0-2023-1643)

    Vulnerability from nvd – Published: 2023-03-26 21:31 – Updated: 2024-08-02 05:57
    VLAI
    Title
    IObit Malware Fighter IOCTL ImfHpRegFilter.sys 0x8001E040 denial of service
    Summary
    A vulnerability has been found in IObit Malware Fighter 9.4.0.776 and classified as problematic. Affected by this vulnerability is the function 0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040 in the library ImfHpRegFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224023.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.678Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224023"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224023"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1643"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1dHdltwenfMdwAPeb3JPex0fHxfK_iLYh/view"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in IObit Malware Fighter 9.4.0.776 and classified as problematic. Affected by this vulnerability is the function 0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040 in the library ImfHpRegFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224023."
            },
            {
              "lang": "de",
              "value": "In IObit Malware Fighter 9.4.0.776 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Dabei geht es um die Funktion 0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040 in der Bibliothek ImfHpRegFilter.sys der Komponente IOCTL Handler. Durch Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:33:22.643Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224023"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224023"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1643"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1dHdltwenfMdwAPeb3JPex0fHxfK_iLYh/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T12:09:21.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL ImfHpRegFilter.sys 0x8001E040 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1643",
        "datePublished": "2023-03-26T21:31:04.496Z",
        "dateReserved": "2023-03-26T20:12:17.307Z",
        "dateUpdated": "2024-08-02T05:57:24.678Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1642 (GCVE-0-2023-1642)

    Vulnerability from nvd – Published: 2023-03-26 21:31 – Updated: 2024-08-02 05:57
    VLAI
    Title
    IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222040 denial of service
    Summary
    A vulnerability, which was classified as problematic, was found in IObit Malware Fighter 9.4.0.776. Affected is the function 0x222034/0x222038/0x22203C/0x222040 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-224022 is the identifier assigned to this vulnerability.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.556Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224022"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224022"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1642"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1iWdqJ9PsBp1W5xINpUdQ28xbx_tB9xxf/view"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as problematic, was found in IObit Malware Fighter 9.4.0.776. Affected is the function 0x222034/0x222038/0x22203C/0x222040 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-224022 is the identifier assigned to this vulnerability."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in IObit Malware Fighter 9.4.0.776 gefunden. Sie wurde als problematisch eingestuft. Es geht dabei um die Funktion 0x222034/0x222038/0x22203C/0x222040 in der Bibliothek ObCallbackProcess.sys der Komponente IOCTL Handler. Durch das Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:32:09.483Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224022"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224022"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1642"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1iWdqJ9PsBp1W5xINpUdQ28xbx_tB9xxf/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T11:54:24.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222040 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1642",
        "datePublished": "2023-03-26T21:31:03.521Z",
        "dateReserved": "2023-03-26T20:12:12.473Z",
        "dateUpdated": "2024-08-02T05:57:24.556Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1641 (GCVE-0-2023-1641)

    Vulnerability from nvd – Published: 2023-03-26 21:00 – Updated: 2024-08-02 05:57
    VLAI
    Title
    IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222018 denial of service
    Summary
    A vulnerability, which was classified as problematic, has been found in IObit Malware Fighter 9.4.0.776. This issue affects the function 0x222018 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-224021 was assigned to this vulnerability.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.689Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224021"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224021"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1641"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1ncqfaxSdeu-mGVAOnYxqxYtyyFZClHBF/view"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as problematic, has been found in IObit Malware Fighter 9.4.0.776. This issue affects the function 0x222018 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-224021 was assigned to this vulnerability."
            },
            {
              "lang": "de",
              "value": "Eine Schwachstelle wurde in IObit Malware Fighter 9.4.0.776 entdeckt. Sie wurde als problematisch eingestuft. Es geht hierbei um die Funktion 0x222018 in der Bibliothek ObCallbackProcess.sys der Komponente IOCTL Handler. Mittels Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:30:56.299Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224021"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224021"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1641"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1ncqfaxSdeu-mGVAOnYxqxYtyyFZClHBF/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T11:39:39.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222018 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1641",
        "datePublished": "2023-03-26T21:00:06.025Z",
        "dateReserved": "2023-03-26T20:12:08.539Z",
        "dateUpdated": "2024-08-02T05:57:24.689Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1640 (GCVE-0-2023-1640)

    Vulnerability from nvd – Published: 2023-03-26 21:00 – Updated: 2024-08-02 05:57
    VLAI
    Title
    IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222010 denial of service
    Summary
    A vulnerability classified as problematic was found in IObit Malware Fighter 9.4.0.776. This vulnerability affects the function 0x222010 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224020.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.485Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224020"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224020"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1640"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1AcwSxTA0_zh7mmxU5J8WphRqg_mQsO-g/view"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as problematic was found in IObit Malware Fighter 9.4.0.776. This vulnerability affects the function 0x222010 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224020."
            },
            {
              "lang": "de",
              "value": "In IObit Malware Fighter 9.4.0.776 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Es geht um die Funktion 0x222010 in der Bibliothek ObCallbackProcess.sys der Komponente IOCTL Handler. Mittels dem Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:29:43.168Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224020"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224020"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1640"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1AcwSxTA0_zh7mmxU5J8WphRqg_mQsO-g/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T11:32:48.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222010 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1640",
        "datePublished": "2023-03-26T21:00:04.960Z",
        "dateReserved": "2023-03-26T20:12:05.431Z",
        "dateUpdated": "2024-08-02T05:57:24.485Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1639 (GCVE-0-2023-1639)

    Vulnerability from nvd – Published: 2023-03-26 20:31 – Updated: 2025-02-19 20:23
    VLAI
    Title
    IObit Malware Fighter IOCTL ImfRegistryFilter.sys 0x8001E04C denial of service
    Summary
    A vulnerability classified as problematic has been found in IObit Malware Fighter 9.4.0.776. This affects the function 0x8001E04C in the library ImfRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224019.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:25.198Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224019"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224019"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1639"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1hWgHhboaekq4hGIj2kNgEI54rM-u_rvV/view"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1639",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-19T20:23:43.632445Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-19T20:23:55.000Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as problematic has been found in IObit Malware Fighter 9.4.0.776. This affects the function 0x8001E04C in the library ImfRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224019."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in IObit Malware Fighter 9.4.0.776 entdeckt. Sie wurde als problematisch eingestuft. Betroffen hiervon ist die Funktion 0x8001E04C in der Bibliothek ImfRegistryFilter.sys der Komponente IOCTL Handler. Durch Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:28:30.036Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224019"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224019"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1639"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1hWgHhboaekq4hGIj2kNgEI54rM-u_rvV/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T11:16:49.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL ImfRegistryFilter.sys 0x8001E04C denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1639",
        "datePublished": "2023-03-26T20:31:04.595Z",
        "dateReserved": "2023-03-26T20:12:01.613Z",
        "dateUpdated": "2025-02-19T20:23:55.000Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1638 (GCVE-0-2023-1638)

    Vulnerability from nvd – Published: 2023-03-26 20:31 – Updated: 2025-02-19 20:15
    VLAI
    Title
    IObit Malware Fighter IOCTL ImfRegistryFilter.sys 0x8001E040 denial of service
    Summary
    A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been rated as problematic. Affected by this issue is the function 0x8001E024/0x8001E040 in the library ImfRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-224018 is the identifier assigned to this vulnerability.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.200Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224018"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224018"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1638"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1_jYlCkQMNaUwGV5QJtyz4zhdTqaGCv6Z/view"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1638",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-19T20:14:50.432638Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-19T20:15:00.560Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been rated as problematic. Affected by this issue is the function 0x8001E024/0x8001E040 in the library ImfRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-224018 is the identifier assigned to this vulnerability."
            },
            {
              "lang": "de",
              "value": "Eine problematische Schwachstelle wurde in IObit Malware Fighter 9.4.0.776 ausgemacht. Betroffen davon ist die Funktion 0x8001E024/0x8001E040 in der Bibliothek ImfRegistryFilter.sys der Komponente IOCTL Handler. Durch die Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:27:16.891Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224018"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224018"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1638"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1_jYlCkQMNaUwGV5QJtyz4zhdTqaGCv6Z/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T11:03:33.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL ImfRegistryFilter.sys 0x8001E040 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1638",
        "datePublished": "2023-03-26T20:31:03.608Z",
        "dateReserved": "2023-03-26T20:11:58.927Z",
        "dateUpdated": "2025-02-19T20:15:00.560Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-12201 (GCVE-0-2026-12201)

    Vulnerability from cvelistv5 – Published: 2026-06-15 00:30 – Updated: 2026-06-15 19:25 X_Freeware
    VLAI
    Title
    IObit Malware Fighter DLL permission
    Summary
    A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handler. This manipulation causes permission issues. The attack requires local access. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-275 - Permission Issues
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 13.0
    Affected: 13.1
    Affected: 13.2.0
        cpe:2.3:a:iobit:malware_fighter:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    nathan2 (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-12201",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-15T16:32:10.193227Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-15T19:25:21.144Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:iobit:malware_fighter:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "DLL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "13.0"
                },
                {
                  "status": "affected",
                  "version": "13.1"
                },
                {
                  "status": "affected",
                  "version": "13.2.0"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "nathan2 (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handler. This manipulation causes permission issues. The attack requires local access. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.3,
                "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-275",
                  "description": "Permission Issues",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-15T00:30:08.901Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-370844 | IObit Malware Fighter DLL permission",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/370844"
            },
            {
              "name": "VDB-370844 | CTI Indicators (IOB, IOC, TTP)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/370844/cti"
            },
            {
              "name": "CVE-2026-12201 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-12201"
            },
            {
              "name": "Submit #829913 | IObit Malware Fighter 13.2.0 Insecure Permissions in Driver",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/829913"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/nasawyer7/IObitDriverav"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://nathan2.com/posts/iobit/"
            }
          ],
          "tags": [
            "x_freeware"
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-14T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-06-14T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-06-14T13:48:29.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter DLL permission"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-12201",
        "datePublished": "2026-06-15T00:30:08.901Z",
        "dateReserved": "2026-06-14T11:43:26.123Z",
        "dateUpdated": "2026-06-15T19:25:21.144Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-1646 (GCVE-0-2023-1646)

    Vulnerability from cvelistv5 – Published: 2023-03-26 22:31 – Updated: 2024-08-02 05:57
    VLAI
    Title
    IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E004 stack-based overflow
    Summary
    A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been declared as critical. This vulnerability affects the function 0x8018E000/0x8018E004 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224026 is the identifier assigned to this vulnerability.
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.210Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224026"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224026"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1646"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1GITWzh29cRcycVqVJgMJuX6emE_f1KPV/view"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been declared as critical. This vulnerability affects the function 0x8018E000/0x8018E004 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. VDB-224026 is the identifier assigned to this vulnerability."
            },
            {
              "lang": "de",
              "value": "In IObit Malware Fighter 9.4.0.776 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Das betrifft die Funktion 0x8018E000/0x8018E004 in der Bibliothek IMFCameraProtect.sys der Komponente IOCTL Handler. Dank der Manipulation mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.3,
                "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:37:02.485Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224026"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224026"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1646"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1GITWzh29cRcycVqVJgMJuX6emE_f1KPV/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T12:55:08.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E004 stack-based overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1646",
        "datePublished": "2023-03-26T22:31:03.470Z",
        "dateReserved": "2023-03-26T20:12:29.000Z",
        "dateUpdated": "2024-08-02T05:57:24.210Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1645 (GCVE-0-2023-1645)

    Vulnerability from cvelistv5 – Published: 2023-03-26 22:00 – Updated: 2025-02-13 21:01
    VLAI
    Title
    IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E008 denial of service
    Summary
    A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been classified as problematic. This affects the function 0x8018E008 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-224025 was assigned to this vulnerability.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.346Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224025"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224025"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1645"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1RmFSm1sQWwQXPXjkeZtgf8q51hGD8tTf/view"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1645",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-13T21:00:15.837211Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-13T21:01:55.475Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been classified as problematic. This affects the function 0x8018E008 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-224025 was assigned to this vulnerability."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in IObit Malware Fighter 9.4.0.776 ausgemacht. Sie wurde als problematisch eingestuft. Es betrifft die Funktion 0x8018E008 in der Bibliothek IMFCameraProtect.sys der Komponente IOCTL Handler. Durch Beeinflussen mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:35:49.079Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224025"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224025"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1645"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1RmFSm1sQWwQXPXjkeZtgf8q51hGD8tTf/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T12:40:05.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E008 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1645",
        "datePublished": "2023-03-26T22:00:05.829Z",
        "dateReserved": "2023-03-26T20:12:25.162Z",
        "dateUpdated": "2025-02-13T21:01:55.475Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1644 (GCVE-0-2023-1644)

    Vulnerability from cvelistv5 – Published: 2023-03-26 22:00 – Updated: 2024-11-22 20:57
    VLAI
    Title
    IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E010 denial of service
    Summary
    A vulnerability was found in IObit Malware Fighter 9.4.0.776 and classified as problematic. Affected by this issue is the function 0x8018E010 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224024.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.905Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224024"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224024"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1644"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1TVezyDiS9Kyw7ttNlLBCstpEUqxozha0/view"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1644",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-03-01T21:49:15.733142Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-22T20:57:51.357Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in IObit Malware Fighter 9.4.0.776 and classified as problematic. Affected by this issue is the function 0x8018E010 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224024."
            },
            {
              "lang": "de",
              "value": "Eine Schwachstelle wurde in IObit Malware Fighter 9.4.0.776 gefunden. Sie wurde als problematisch eingestuft. Hierbei geht es um die Funktion 0x8018E010 in der Bibliothek IMFCameraProtect.sys der Komponente IOCTL Handler. Durch das Beeinflussen mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:34:35.797Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224024"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224024"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1644"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1TVezyDiS9Kyw7ttNlLBCstpEUqxozha0/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T12:24:30.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E010 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1644",
        "datePublished": "2023-03-26T22:00:04.658Z",
        "dateReserved": "2023-03-26T20:12:21.191Z",
        "dateUpdated": "2024-11-22T20:57:51.357Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1643 (GCVE-0-2023-1643)

    Vulnerability from cvelistv5 – Published: 2023-03-26 21:31 – Updated: 2024-08-02 05:57
    VLAI
    Title
    IObit Malware Fighter IOCTL ImfHpRegFilter.sys 0x8001E040 denial of service
    Summary
    A vulnerability has been found in IObit Malware Fighter 9.4.0.776 and classified as problematic. Affected by this vulnerability is the function 0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040 in the library ImfHpRegFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224023.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.678Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224023"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224023"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1643"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1dHdltwenfMdwAPeb3JPex0fHxfK_iLYh/view"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in IObit Malware Fighter 9.4.0.776 and classified as problematic. Affected by this vulnerability is the function 0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040 in the library ImfHpRegFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224023."
            },
            {
              "lang": "de",
              "value": "In IObit Malware Fighter 9.4.0.776 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Dabei geht es um die Funktion 0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040 in der Bibliothek ImfHpRegFilter.sys der Komponente IOCTL Handler. Durch Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:33:22.643Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224023"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224023"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1643"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1dHdltwenfMdwAPeb3JPex0fHxfK_iLYh/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T12:09:21.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL ImfHpRegFilter.sys 0x8001E040 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1643",
        "datePublished": "2023-03-26T21:31:04.496Z",
        "dateReserved": "2023-03-26T20:12:17.307Z",
        "dateUpdated": "2024-08-02T05:57:24.678Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1642 (GCVE-0-2023-1642)

    Vulnerability from cvelistv5 – Published: 2023-03-26 21:31 – Updated: 2024-08-02 05:57
    VLAI
    Title
    IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222040 denial of service
    Summary
    A vulnerability, which was classified as problematic, was found in IObit Malware Fighter 9.4.0.776. Affected is the function 0x222034/0x222038/0x22203C/0x222040 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-224022 is the identifier assigned to this vulnerability.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.556Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224022"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224022"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1642"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1iWdqJ9PsBp1W5xINpUdQ28xbx_tB9xxf/view"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as problematic, was found in IObit Malware Fighter 9.4.0.776. Affected is the function 0x222034/0x222038/0x22203C/0x222040 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-224022 is the identifier assigned to this vulnerability."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in IObit Malware Fighter 9.4.0.776 gefunden. Sie wurde als problematisch eingestuft. Es geht dabei um die Funktion 0x222034/0x222038/0x22203C/0x222040 in der Bibliothek ObCallbackProcess.sys der Komponente IOCTL Handler. Durch das Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:32:09.483Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224022"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224022"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1642"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1iWdqJ9PsBp1W5xINpUdQ28xbx_tB9xxf/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T11:54:24.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222040 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1642",
        "datePublished": "2023-03-26T21:31:03.521Z",
        "dateReserved": "2023-03-26T20:12:12.473Z",
        "dateUpdated": "2024-08-02T05:57:24.556Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1641 (GCVE-0-2023-1641)

    Vulnerability from cvelistv5 – Published: 2023-03-26 21:00 – Updated: 2024-08-02 05:57
    VLAI
    Title
    IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222018 denial of service
    Summary
    A vulnerability, which was classified as problematic, has been found in IObit Malware Fighter 9.4.0.776. This issue affects the function 0x222018 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-224021 was assigned to this vulnerability.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.689Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224021"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224021"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1641"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1ncqfaxSdeu-mGVAOnYxqxYtyyFZClHBF/view"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as problematic, has been found in IObit Malware Fighter 9.4.0.776. This issue affects the function 0x222018 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-224021 was assigned to this vulnerability."
            },
            {
              "lang": "de",
              "value": "Eine Schwachstelle wurde in IObit Malware Fighter 9.4.0.776 entdeckt. Sie wurde als problematisch eingestuft. Es geht hierbei um die Funktion 0x222018 in der Bibliothek ObCallbackProcess.sys der Komponente IOCTL Handler. Mittels Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:30:56.299Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224021"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224021"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1641"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1ncqfaxSdeu-mGVAOnYxqxYtyyFZClHBF/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T11:39:39.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222018 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1641",
        "datePublished": "2023-03-26T21:00:06.025Z",
        "dateReserved": "2023-03-26T20:12:08.539Z",
        "dateUpdated": "2024-08-02T05:57:24.689Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1640 (GCVE-0-2023-1640)

    Vulnerability from cvelistv5 – Published: 2023-03-26 21:00 – Updated: 2024-08-02 05:57
    VLAI
    Title
    IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222010 denial of service
    Summary
    A vulnerability classified as problematic was found in IObit Malware Fighter 9.4.0.776. This vulnerability affects the function 0x222010 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224020.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.485Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224020"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224020"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1640"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1AcwSxTA0_zh7mmxU5J8WphRqg_mQsO-g/view"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as problematic was found in IObit Malware Fighter 9.4.0.776. This vulnerability affects the function 0x222010 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224020."
            },
            {
              "lang": "de",
              "value": "In IObit Malware Fighter 9.4.0.776 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Es geht um die Funktion 0x222010 in der Bibliothek ObCallbackProcess.sys der Komponente IOCTL Handler. Mittels dem Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:29:43.168Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224020"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224020"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1640"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1AcwSxTA0_zh7mmxU5J8WphRqg_mQsO-g/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T11:32:48.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222010 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1640",
        "datePublished": "2023-03-26T21:00:04.960Z",
        "dateReserved": "2023-03-26T20:12:05.431Z",
        "dateUpdated": "2024-08-02T05:57:24.485Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1639 (GCVE-0-2023-1639)

    Vulnerability from cvelistv5 – Published: 2023-03-26 20:31 – Updated: 2025-02-19 20:23
    VLAI
    Title
    IObit Malware Fighter IOCTL ImfRegistryFilter.sys 0x8001E04C denial of service
    Summary
    A vulnerability classified as problematic has been found in IObit Malware Fighter 9.4.0.776. This affects the function 0x8001E04C in the library ImfRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224019.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:25.198Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224019"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224019"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1639"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1hWgHhboaekq4hGIj2kNgEI54rM-u_rvV/view"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1639",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-19T20:23:43.632445Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-19T20:23:55.000Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as problematic has been found in IObit Malware Fighter 9.4.0.776. This affects the function 0x8001E04C in the library ImfRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224019."
            },
            {
              "lang": "de",
              "value": "Es wurde eine Schwachstelle in IObit Malware Fighter 9.4.0.776 entdeckt. Sie wurde als problematisch eingestuft. Betroffen hiervon ist die Funktion 0x8001E04C in der Bibliothek ImfRegistryFilter.sys der Komponente IOCTL Handler. Durch Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:28:30.036Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224019"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224019"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1639"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1hWgHhboaekq4hGIj2kNgEI54rM-u_rvV/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T11:16:49.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL ImfRegistryFilter.sys 0x8001E04C denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1639",
        "datePublished": "2023-03-26T20:31:04.595Z",
        "dateReserved": "2023-03-26T20:12:01.613Z",
        "dateUpdated": "2025-02-19T20:23:55.000Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-1638 (GCVE-0-2023-1638)

    Vulnerability from cvelistv5 – Published: 2023-03-26 20:31 – Updated: 2025-02-19 20:15
    VLAI
    Title
    IObit Malware Fighter IOCTL ImfRegistryFilter.sys 0x8001E040 denial of service
    Summary
    A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been rated as problematic. Affected by this issue is the function 0x8001E024/0x8001E040 in the library ImfRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-224018 is the identifier assigned to this vulnerability.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    IObit Malware Fighter Affected: 9.4.0.776
    Create a notification for this product.
    Credits
    Zeze7w (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T05:57:24.200Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "technical-description",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?id.224018"
              },
              {
                "tags": [
                  "signature",
                  "permissions-required",
                  "x_transferred"
                ],
                "url": "https://vuldb.com/?ctiid.224018"
              },
              {
                "tags": [
                  "related",
                  "x_transferred"
                ],
                "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1638"
              },
              {
                "tags": [
                  "exploit",
                  "x_transferred"
                ],
                "url": "https://drive.google.com/file/d/1_jYlCkQMNaUwGV5QJtyz4zhdTqaGCv6Z/view"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-1638",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-19T20:14:50.432638Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-19T20:15:00.560Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "IOCTL Handler"
              ],
              "product": "Malware Fighter",
              "vendor": "IObit",
              "versions": [
                {
                  "status": "affected",
                  "version": "9.4.0.776"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "analyst",
              "value": "Zeze7w (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been rated as problematic. Affected by this issue is the function 0x8001E024/0x8001E040 in the library ImfRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-224018 is the identifier assigned to this vulnerability."
            },
            {
              "lang": "de",
              "value": "Eine problematische Schwachstelle wurde in IObit Malware Fighter 9.4.0.776 ausgemacht. Betroffen davon ist die Funktion 0x8001E024/0x8001E040 in der Bibliothek ImfRegistryFilter.sys der Komponente IOCTL Handler. Durch die Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Der Angriff muss lokal passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "CWE-404 Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-21T13:27:16.891Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.224018"
            },
            {
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.224018"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1638"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://drive.google.com/file/d/1_jYlCkQMNaUwGV5QJtyz4zhdTqaGCv6Z/view"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2023-03-26T00:00:00.000Z",
              "value": "CVE reserved"
            },
            {
              "lang": "en",
              "time": "2023-03-26T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2023-04-15T11:03:33.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "IObit Malware Fighter IOCTL ImfRegistryFilter.sys 0x8001E040 denial of service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2023-1638",
        "datePublished": "2023-03-26T20:31:03.608Z",
        "dateReserved": "2023-03-26T20:11:58.927Z",
        "dateUpdated": "2025-02-19T20:15:00.560Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }