12 matches found
EUVD-2014-2419
Malware in sbrugna...
EUVD-2024-17358
Malicious code in bioql PyPI...
Faronics Deep Freeze 缓冲区错误漏洞
Faronics Deep Freeze is a system recovery software developed by Faronics, Inc. A buffer error vulnerability exists in Faronics Deep Freeze version 9.00.020.5760, which stems from susceptibility to an out-of-bounds read vulnerability that can trigger the 0x70014 IOCTL code in the FarDisk.sys drive...
Code injection
A search path or unquoted item vulnerability in Faronics Deep Freeze Server Standard, which affects versions 8.30.020.4627 and earlier. This vulnerability affects the DFServ.exe file. An attacker with local user privileges could exploit this vulnerability to replace the legitimate DFServ.exe...
CVE-2024-1618 Unquoted item or search path vulnerability in Faronics Deep Freeze Server Standard
A search path or unquoted item vulnerability in Faronics Deep Freeze Server Standard, which affects versions 8.30.020.4627 and earlier. This vulnerability affects the DFServ.exe file. An attacker with local user privileges could exploit this vulnerability to replace the legitimate DFServ.exe...
CVE-2024-1618 Unquoted item or search path vulnerability in Faronics Deep Freeze Server Standard
A search path or unquoted item vulnerability in Faronics Deep Freeze Server Standard, which affects versions 8.30.020.4627 and earlier. This vulnerability affects the DFServ.exe file. An attacker with local user privileges could exploit this vulnerability to replace the legitimate DFServ.exe...
CVE-2024-1618
Affected software: Faronics Deep Freeze Server Standard, version ≤ 8.30.020.4627. Vulnerable component: DFServ.exe (service). Root cause: Unquoted item / search path vulnerability that lets a malicious file with the same name be loaded if placed in a higher-priority directory. Impact: Local attac...
PT-2024-18171 · Faronics · Faronics Deep Freeze Server Standard
Name of the Vulnerable Software and Affected Versions: Faronics Deep Freeze Server Standard versions 8.30.020.4627 and earlier Description: A search path or unquoted item vulnerability affects the DFServ.exe file, allowing an attacker with local user privileges to replace the legitimate DFServ.ex...
Faronics Deep Freeze Code Issue Vulnerability
Faronics Deep Freeze is a system recovery software developed by Faronics, Inc. A code issue vulnerability exists in Faronics Deep Freeze version 8.30.020.4627 and prior versions, which originates from a malicious code execution that can be performed by renaming a malicious executable file to...
CVE-2014-2382
The CVE-2014-2382 issue affects the DfDiskLo.sys driver in Faronics Deep Freeze Standard/Enterprise ≤8.10. A crafted IOCTL request allows writing to arbitrary memory via the IofCallDriver path, enabling local administrators to crash the system or execute arbitrary code with kernel-level privilege...
CVE-2014-2382
The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service crash and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the IofCallDriver function...
Faronics Deep Freeze Arbitrary Code Execution Vulnerability
Faronics Deep Freeze Standard and Enterprise suffers from an arbitrary code execution vulnerability. Vulnerability title: Arbitrary Code Execution In Faronics Deep Freeze Standard and Enterprise CVE: CVE-2014-2382 Vendor: Faronics Product: Deep Freeze Standard and Enterprise Affected version:...