exploitDog

CVE-2009-4114

Опубликовано: 30 нояб. 2009

Источник: nvd

CVSS2: 4.9

EPSS Низкий

Описание

kl1.sys in Kaspersky Anti-Virus 2010 9.0.0.463, and possibly other versions before 9.0.0.736, does not properly validate input to IOCTL 0x0022c008, which allows local users to cause a denial of service (system crash) via IOCTL requests using crafted kernel addresses that trigger memory corruption, possibly related to klavemu.kdl.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kaspersky:kaspersky_anti-virus:9.0.0.463:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00387

Низкий

4.9 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-wf7h-q67q-wp22

github

почти 4 года назад

kl1.sys in Kaspersky Anti-Virus 2010 9.0.0.463, and possibly other versions before 9.0.0.736, does not properly validate input to IOCTL 0x0022c008, which allows local users to cause a denial of service (system crash) via IOCTL requests using crafted kernel addresses that trigger memory corruption, possibly related to klavemu.kdl.

EPSS

Процентиль: 59%

0.00387

Низкий

4.9 Medium

CVSS2

Дефекты

CWE-20