CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
AI Score
Confidence
High
EPSS
Percentile
22.9%
An improper buffer validation vulnerability was found in SlySoft products. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited locally at a point related to ElbyCDIO.sys via a specially designed IOCTL call.
Public exploits exist for this vulnerability.
CVE-2009-0824 warning
Update to latest version
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
www.slysoft.com/download/changes_anydvd.txt
www.slysoft.com/download/changes_clonecd.txt
www.slysoft.com/download/changes_clonedvd.txt
statistics.securelist.com/
threats.kaspersky.com/en/product/AnyDVD/
threats.kaspersky.com/en/product/elby-CloneDVD/
threats.kaspersky.com/en/product/SlySoft-CloneCD/
threats.kaspersky.com/en/product/SlySoft-Virtual-CloneDrive/