Avast! Antivirus is prone to an arbitrary-file-deletion vulnerability.
An attacker can exploit this issue to delete arbitrary files on a vulnerable computer with the affected application.
Versions prior to Avast! Antivirus 17 are vulnerable.
Information
Bugtraq ID: 98086Class: Design Error
CVE: CVE-2017-8307
Remote: Yes
Local: No
Published: Apr 27 2017 12:00AM
Updated: Apr 28 2017 07:13PM
Credit: Martin Rakhmanov of Trustwave.
Vulnerable: Avast Antivirus 0
Not Vulnerable: Avast Antivirus 17
Exploit
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
References: