CVE-2018-10655

DLPnpAuditor.exe in DeviceLock Plug and Play Auditor freeware 5.72 has a Unicode Buffer Overflow SEH...

Buffer overflow

DLPnpAuditor.exe in DeviceLock Plug and Play Auditor freeware 5.72 has a Unicode Buffer Overflow SEH...

CVE-2018-10655

The CVE-2018-10655 entry affects DeviceLock Plug and Play Auditor (DLPnpAuditor.exe) v5.72 (freeware). The vulnerability is a Unicode buffer overflow (SEH) in DLPnpAuditor.exe triggered by a specially crafted text file used with the “scan network” option, enabling arbitrary code execution on the ...

CVE-2018-10655

DLPnpAuditor.exe in DeviceLock Plug and Play Auditor freeware 5.72 has a Unicode Buffer Overflow SEH...

DeviceLock Plug And Play Auditor 5.72 Buffer Overflow

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/DEVICELOCK-PLUG-PLAY-AUDITOR-v5.72-UNICODE-BUFFER-OVERFLOW.txt + ISR: Apparition Security Vendor: ======== https://www.devicelock.com/freeware.html/ Product: ======== DeviceLock Plug and...

DeviceLock Plug and Play Auditor 5.72 - Unicode Buffer Overflow (SEH)

DeviceLock Plug and Play Auditor 5.72 - Unicode Buffer Overflow SEH Exploit Title: DeviceLock Plug and Play Auditor 5.72 - Unicode Buffer Overflow SEH Date: 2018-05-04 Exploit Author: Youssef mami Vendor Homepage: https://www.devicelock.com/freeware.html/ Version: 5.72 CVE : CVE-2018-10655 Securi...

devicelock.datasystem.ru XSS vulnerability

Vulnerable URL: https://devicelock.datasystem.ru/search/?query=xss%22%3E%3Csvg%2Fonload%3Dprompt%28%2Fopenbugbounty%2F%29%3E=2=18 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1605618 VIP website status:| No...

CVE-2006-4184

SmartLine DeviceLock before 5.73 Build 305 does not properly enforce access control lists ACL in raw mode, which allows local users to bypass NTFS controls and obtain sensitive information...

CVE-2006-4184

SmartLine DeviceLock before 5.73 Build 305 does not properly enforce access control lists ACL in raw mode, which allows local users to bypass NTFS controls and obtain sensitive information...

CVE-2006-4184

SmartLine DeviceLock before 5.73 Build 305 has an ACL enforcement issue in raw mode that allows local users to bypass NTFS controls and obtain sensitive information. Root cause: improper ACL handling in raw mode. Impact: local privilege or information exposure as described in the CVE notes. Explo...

KLA10136 OSI vulnerability in DeviceLock

Improper ACL enforcing was found in DeviceLock. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited locally. Original advisories - Related products DeviceLock CVE list CVE-2006-4184 warning Solution Update to latest version Impact...

Local privilege Escalation in SmartLine DeviceLock 5.73

The vulnerability constitutes of wrong ACLs on Device Object permission set by the driver. Whenever your ACLs on a harddrive or partition, as configured by DeviceLock Manager, only consists of Allow entries and Deny being the default, then the driver sets the ACLs on the kernel's internal object...

Unauthorized SmartLine DeviceLock disk access

In specific configuration local user can access content of any logical drive...