Input Validation Flaw in Kaspersky Anti-Virus Software
CVE-2009-4114

Currently unrated

Key Information:

Vendor

Kaspersky
Status
Kaspersky Anti-virus
Vendor
CVE Published:
30 November 2009

What is CVE-2009-4114?

The kl1.sys file in Kaspersky Anti-Virus 2010 and potentially earlier versions fails to properly validate input for IOCTL request 0x0022c008. This vulnerability allows local users to exploit crafted kernel addresses, leading to memory corruption and inducing a system crash (denial of service). The issue may be linked to the klavemu.kdl component, prompting concerns about system stability and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://sysdream.com/article.php?story_id=323&section_id=78
x_refsource_MISC
http://www.vupen.com/english/advisories/2009/3286
vdb-entryx_refsource_VUPEN
http://osvdb.org/60207
vdb-entryx_refsource_OSVDB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.