Lucene search
MitreCVE-2014-2382HistoryNov 20, 2014 - 1:55 p.m.
CVE-2014-2382
2014-11-2013:55:00
CWE-399
mitre
web.nvd.nist.gov
34
cve-2014-2382
dfdisklo.sys
faronics deep freeze
standard
enterprise
denial of service
crash
arbitrary code
ioctl request
iofcalldriver
nvd.
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
50.7%
The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service (crash) and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the IofCallDriver function.
Affected configurations
Node
faronicsdeep_freezeRange≤8.10enterprise
ORfaronicsdeep_freezeRange≤8.10standard
| Vendor | Product | Version | CPE |
|---|---|---|---|
| faronics | deep_freeze | * | cpe:2.3:a:faronics:deep_freeze:*:*:*:*:enterprise:*:*:* |
| faronics | deep_freeze | * | cpe:2.3:a:faronics:deep_freeze:*:*:*:*:standard:*:*:* |
Related
prion
prion
Memory corruption
2014-11-20 13:55:00
zdt
zdt
Faronics Deep Freeze Arbitrary Code Execution Vulnerability
2014-11-20 00:00:00
nvd
nvd
CVE-2014-2382
2014-11-20 13:55:00
cvelist
cvelist
CVE-2014-2382
2014-11-20 11:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
50.7%
Related for CVE-2014-2382