← back
CVE-2008-4363

CVE-2008-4363

EPSS 1.2%
DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) or potentially execute arbitrary code via a certain DLMFENC_IOCTL request to \\.\DLKPFSD_Device that overwrites a pointer, probably related to use of the ProbeForRead function when ProbeForWrite was intended.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/6498unverifiedexploitdbwww.exploit-db.com/exploits/6497unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://digit-labs.org/files/exploits/deslock-probe-read.chttp://secunia.com/advisories/31921http://securityreason.com/securityalert/4342https://www.exploit-db.com/exploits/6498http://www.vupen.com/english/advisories/2008/2638