Skip to main content

Malwarebytes Anti Exploit

2 CVEs product

Monthly

CVE-2014-100039 LOW POC Monitor

mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of service (crash) via a crafted size in an unspecified IOCTL call, which triggers an out-of-bounds read. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Malwarebytes Anti Exploit
NVD Exploit-DB
CVSS 2.0
2.1
EPSS
0.5%
CVE-2014-4936 CRITICAL POC THREAT Emergency

The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 18.9%.

RCE Malwarebytes Anti Exploit Malwarebytes Anti Malware
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
18.9%
EPSS 0% CVSS 2.1
LOW POC Monitor

mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of service (crash) via a crafted size in an unspecified IOCTL call, which triggers an out-of-bounds read. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Malwarebytes Anti Exploit
NVD Exploit-DB
EPSS 19% CVSS 9.3
CRITICAL POC THREAT Emergency

The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 18.9%.

RCE Malwarebytes Anti Exploit Malwarebytes Anti Malware
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy