CVE-2008-4363

2008-09-30T23:24:00
ID CVE-2008-4363
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:32:00

Description

DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) or potentially execute arbitrary code via a certain DLMFENC_IOCTL request to \.\DLKPFSD_Device that overwrites a pointer, probably related to use of the ProbeForRead function when ProbeForWrite was intended.