vendor:
Kaspersky Anti-Virus 2010
by:
Heurs
7.2
CVSS
HIGH
Denial of Service (DoS)
399
CWE
Product Name: Kaspersky Anti-Virus 2010
Affected Version From: 9.0.0.463
Affected Version To: 9.0.0.463
Patch Exists: YES
Related CWE: N/A
CPE: a:kaspersky_lab:kaspersky_anti-virus_2010
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009
Kaspersky Anti-Virus 2010 9.0.0.463 Local DoS
Kaspersky Anti-Virus 2010 9.0.0.463 is vulnerable to a local denial of service attack. The kl1.sys driver does not check the inputs address of an IOCTL, which can lead to an exception being thrown if one or two DWORDs are modified. The exploit can cause a Blue Screen of Death (BSOD).
Mitigation:
Update to the latest version of Kaspersky Anti-Virus 2010 9.0.0.463