KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device.Referenceshttp://www.securityfocus.com/bid/40342https://exchange.xforce.ibmcloud.com/vulnerabilities/58780http://secunia.com/advisories/39916http://www.exploit-db.com/exploits/12710
