Vulnerability Details : CVE-2009-1824
The ps_drv.sys kernel driver in ArcaBit ArcaVir 2009 Antivirus Protection 9.4.3201.9 and earlier, ArcaVir 2009 Internet Security 9.4.3202.9 and earlier, ArcaVir 2009 System Protection 9.4.3203.9 and earlier, and ArcaBit 2009 Home Protection 9.4.3204.9 and earlier, allows local users to gain privileges via crafted METHOD_NEITHER IOCTL requests to \Device\ps_drv containing arbitrary kernel addresses, as demonstrated using the (1) 0x2A7B802B and possibly (2) 0x2A7B8004 and (3) 0x2A7B802F IOCTLs.
Vulnerability category: Input validation
Exploit prediction scoring system (EPSS) score for CVE-2009-1824
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ % EPSS Score History EPSS FAQ
CVSS scores for CVE-2009-1824
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2009-1824
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-1824
Products affected by CVE-2009-1824
- cpe:2.3:a:arcabit:arcavir_2009_antivirus_protection:*:*:*:*:*:*:*:*
- cpe:2.3:a:arcabit:arcavir_2009_internet_security:*:*:*:*:*:*:*:*
- cpe:2.3:a:arcabit:arcavir_2009_system_protection:*:*:*:*:*:*:*:*
- cpe:2.3:a:arcabit:arcavir_2009_home_protection:*:*:*:*:*:*:*:*