cvedb.io
CVE-2017-15921
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2017-10-30T15:29:00.260 · Last modified 2026-06-17T01:08:28.820

Summary

In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002010. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated.

Affected products

watchdogdevelopment — anti-malware

Does this affect you?

Add your gear to cvedb and we'll alert you only when watchdogdevelopment ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.