Kaspersky Anti-Virus 2010 kl1.sys Denial of Service Vulnerability

Kaspersky Anti-Virus 2010 kl1.sys Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA37398
VERIFY ADVISORY: http://secunia.com/advisories/37398/
DESCRIPTION: Heurs has discovered a vulnerability in Kaspersky Anti-Virus 2010, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the kl1.sys driver when handling IOCTLs. This can be exploited to dereference invalid memory and cause a kernel crash via a specially crafted 0x0022C008 IOCTL.
The vulnerability is confirmed in version 9.0.0.463. Other versions may also be affected.
SOLUTION: Update to version 9.0.0.736.
PROVIDED AND/OR DISCOVERED BY: Heurs
ORIGINAL ADVISORY: http://sysdream.com/article.php?story_id=323&section_id=78
———————————————————————-

mobile

Dieser Beitrag wurde am Mittwoch 18. November 2009, 21:40 unter Bugs / Fehlermeldungen verfasst. Sie können alle Antworten auf diesen Beitrag nachverfolgen mit RSS 2.0. Sie können eine Antwort, oder einen Trackback von Ihrer eigenen Seite hinterlassen.

M	D	M	D	F	S	S
« Aug
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30

Kaspersky Anti-Virus 2010 kl1.sys Denial of Service Vulnerability

Kalender

Meta