Unrated severityNVD Advisory· Published May 29, 2009· Updated Apr 23, 2026

CVE-2009-1824

Description

The ps_drv.sys kernel driver in ArcaBit ArcaVir 2009 Antivirus Protection 9.4.3201.9 and earlier, ArcaVir 2009 Internet Security 9.4.3202.9 and earlier, ArcaVir 2009 System Protection 9.4.3203.9 and earlier, and ArcaBit 2009 Home Protection 9.4.3204.9 and earlier, allows local users to gain privileges via crafted METHOD_NEITHER IOCTL requests to \Device\ps_drv containing arbitrary kernel addresses, as demonstrated using the (1) 0x2A7B802B and possibly (2) 0x2A7B8004 and (3) 0x2A7B802F IOCTLs.

Affected products

Arcabit/Arcavir 2009 Antivirus Protection
cpe:2.3:a:arcabit:arcavir_2009_antivirus_protection:*:*:*:*:*:*:*:*
Range: <=9.4.3201.9
Arcabit/Arcavir 2009 Home Protection
cpe:2.3:a:arcabit:arcavir_2009_home_protection:*:*:*:*:*:*:*:*
Range: <=9.4.3204.9
Arcabit/Arcavir 2009 Internet Security
cpe:2.3:a:arcabit:arcavir_2009_internet_security:*:*:*:*:*:*:*:*
Range: <=9.4.3202.9
Arcabit/Arcavir 2009 System Protection
cpe:2.3:a:arcabit:arcavir_2009_system_protection:*:*:*:*:*:*:*:*
Range: <=9.4.3203.9

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ntinternals.org/ntiadv0814/PsDrv_Exp.zipnvdExploit
ntinternals.org/ntiadv0814/ntiadv0814.htmlnvdExploit
www.securityfocus.com/bid/35100nvdExploit
secunia.com/advisories/35260nvdVendor Advisory
www.vupen.com/english/advisories/2009/1428nvdVendor Advisory
www.exploit-db.com/exploits/8782nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000