Avira Internet Security - 'avipbb.sys' Filter Bypass / Privilege Escalation

EDB-ID:

29125

CVE:





Platform:

Windows

Date:

2013-10-22


# Exploit Title: Avira internet security avipbb.sys filter bypass and
privilege escalation - 0Day
# Date: 2013-10-17
# Exploit Author: Ahmad Moghimi (http://mallocat.com
<http://mallocat.com/>, https://twitter.com/mall0cat)
# Vendor Homepage: http://www.avira.com/
# Software Link:
http://premium.avira-update.com/package/webloader/win32/iss/avira_internet_security_suite.exe
# Version: Latest
# Tested on: Windows XPSP3
# CVE : NO-CVE

Reference : http://mallocat.com/another-journey-to-antivirus-escalation/
Demo: http://mallocat.com/wp-content/uploads/2013/10/avira0.swf
Exploit code:
http://mallocat.com/wp-content/uploads/2013/10/AviraAvipbbExploit.7z
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/29125.7z