CVE-2009-4114

Name of the Vulnerable Software and Affected Versions Kaspersky Anti-Virus versions 9.0.0.463 through 9.0.0.735

Description The issue is related to the improper validation of input to IOCTL 0x0022c008 in the kl1.sys component. This allows local users to cause a denial of service, resulting in a system crash, by sending IOCTL requests with crafted kernel addresses that trigger memory corruption. The issue might be related to the klavemu.kdl component.

Recommendations For Kaspersky Anti-Virus versions 9.0.0.463 through 9.0.0.735, update to version 9.0.0.736 or later to resolve the issue.