Summary
Kaspersky Anti-Virus 2010 is installed on the host and is prone to a denial of service vulnerability.
Impact
Successful exploitation will allow an attacker to execute arbitrary code with elevated privileges or cause the kernel to crash.
Impact Level: System/Application
Solution
Update to version 9.0.0.736 or later.
For updates, refer to http://www.kaspersky.com/downloads
Insight
The flaw is due to a NULL pointer dereference in the 'kl1.sys' driver, triggered via a specially crafted IOCTL 0x0022c008 call.
Affected
Kaspersky Anti-Virus 2010 before 9.0.0.736 on Windows.
References
Severity
Classification
- CVE: CVE-2009-4114
- CVSS Base Score: 4.9
- CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Linux
- Comodo Internet Security Denial of Service Vulnerability-03
- Apache Subversion 'mod_dav_svn' Module Multiple DoS Vulnerabilities
- Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities
- F-PROT AV 'ELF' Header Denial of Service Vulnerability