cpe:/a:kaspersky:kaspersky_anti-virus:9.0.0.463 CVE-2009-4114 2009-11-30T16:30:00.267-05:00 2017-08-16T21:31:26.897-04:00 4.9 LOCAL LOW NONE NONE NONE COMPLETE http://nvd.nist.gov 2009-12-01T11:32:00.000-05:00 SECTRACK 1023198 BUGTRAQ 20091117 Kaspersky Anti-Virus 2010 <= 9.0.0.463 pointer dereference vulnerability BID 37044 SECUNIA 37398 OSVDB 60207 VUPEN ADV-2009-3286 MISC http://sysdream.com/article.php?story_id=323&section_id=78 XF kaspersky-kl1-privilege-escalation(54309) kl1.sys in Kaspersky Anti-Virus 2010 9.0.0.463, and possibly other versions before 9.0.0.736, does not properly validate input to IOCTL 0x0022c008, which allows local users to cause a denial of service (system crash) via IOCTL requests using crafted kernel addresses that trigger memory corruption, possibly related to klavemu.kdl.