Lucene search
HistoryMar 04, 2008 - 8:44 p.m.
CVE-2008-1140
cve-2008-1140
dlmfdisk.sys
deslock+
privilege escalation
vulnerability
nvd
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
0.4%
DLMFDISK.sys 1.2.0.27 in DESlock+ 3.2.6 and earlier allows local users to gain privileges via a certain DLKFDISK_IOCTL request to \.\DLKFDisk_Control that overwrites a data structure associated with a mounted pseudo-filesystem, aka the “ring0 SYSTEM” vulnerability.
Affected configurations
Node
deslockdeslockRange≤3.2.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| deslock:deslock | deslock | le | 3.2.6 |
Related
prion
prion
Design/Logic Flaw
2008-03-04 20:44:00
cvelist
cvelist
CVE-2008-1140
2008-03-04 20:00:00
nvd
nvd
CVE-2008-1140
2008-03-04 20:44:00
nessus
nessus
DESlock+ < 3.2.7 Multiple Local Vulnerabilities
2008-02-20 00:00:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
0.4%
Related for CVE-2008-1140