Test Kennung:	1.3.6.1.4.1.25623.1.0.800154
Kategorie:	Denial of Service
Titel:	Kaspersky Anti-Virus 2010 'kl1.sys' Driver DoS Vulnerability
Zusammenfassung:	Kaspersky Anti-Virus 2010 is prone to a denial of service (DoS) vulnerability.
Beschreibung:	Summary: Kaspersky Anti-Virus 2010 is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to NULL pointer dereference in 'kl1.sys' driver via a specially-crafted IOCTL 0x0022c008 call. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary code with elevated privileges or cause the kernel to crash. Affected Software/OS: Kaspersky Anti-Virus 2010 before 9.0.0.736 on Windows. Solution: Update to version 9.0.0.736 or later. CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4114 BugTraq ID: 37044 http://www.securityfocus.com/bid/37044 Bugtraq: 20091117 Kaspersky Anti-Virus 2010 <= 9.0.0.463 pointer dereference vulnerability (Google Search) http://www.securityfocus.com/archive/1/507933/100/0/threaded http://sysdream.com/article.php?story_id=323&section_id=78 http://osvdb.org/60207 http://www.securitytracker.com/id?1023198 http://secunia.com/advisories/37398 http://www.vupen.com/english/advisories/2009/3286 XForce ISS Database: kaspersky-kl1-privilege-escalation(54309) https://exchange.xforce.ibmcloud.com/vulnerabilities/54309
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.