| Vector: | Local |
| Severity: | Low |
| Patch: | Patched |
| Impact: | Denial of Service (DoS) |
| Software: | Malwarebytes Anti-Exploit 1.x , vulnerable versions: <1.05 |
An attacker can perform a denial of service attack.
The vulnerability is caused due to an out-of-bounds read error within the mbae.sys driver when processing the 0x0022e000 IOCTL. An attacker can perform a denial of service (DoS) attack.
Solution:
For Malwarebytes Anti-Exploit 1.x: Update to version 1.05.
Links:
- https://blog.malwarebytes.org/news/2014/12/the-new-malwarebytes-anti-exploit-1-05/
- https://forums.malwarebytes.org/index.php
- http://www.exploit-db.com/exploits/35842/
