KLA10064DoS vulnerability in SlySoft

2009-03-14T00:00:00
ID KLA10064
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

03/14/2009

Severity:

Warning

Description:

An improper buffer validation vulnerability was found in SlySoft products. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited locally at a point related to ElbyCDIO.sys via a specially designed IOCTL call.

Affected products:

SlySoft AnyDVD versions 6.5.2.2 and earlier
SlySoft Virtual CloneDrive versions 5.4.2.3 and earlier
SlySoft CloneDVD versions 2.9.2.0 and earlier
SlySoft CloneCD versions 5.3.1.3 and earlier

Solution:

Update to latest version

Original advisories:

CloneCD Changelog
AnyDVD Changelog
CloneDVD Changelog

Impacts:

DoS

Related products:

SlySoft CloneCD

CVE-IDS:

CVE-2009-08244.9Warning