DLMFDISK.sys 1.2.0.27 in DESlock+ 3.2.6 and earlier allows local users to gain privileges via a certain DLKFDISK_IOCTL request to \\.\DLKFDisk_Control that overwrites a data structure associated with a mounted pseudo-filesystem, aka the "ring0 SYSTEM" vulnerability.
References
Link | Resource |
---|---|
http://secunia.com/advisories/29005 | Vendor Advisory |
http://www.vupen.com/english/advisories/2008/0597 | |
https://www.exploit-db.com/exploits/5144 |
Configurations
Information
Published : 2008-03-04 12:44
Updated : 2017-09-28 18:30
NVD link : CVE-2008-1140
Mitre link : CVE-2008-1140
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
deslock
- deslock