2 matches found
CVE-2017-12840
CVE-2017-12840 describes a kernel-driver (DLMFENC.sys) included with DESLock+ client v4.8.16 and earlier that suffers a local heap-based buffer overflow when handling IOCTL 0x0FA4204. The vulnerability arises from failing to allocate enough memory for a user-supplied string, which is copied into ...
CVE-2009-4832
CVE-2009-4832 affects the dlpcrypt.sys kernel driver (version 0.1.1.27) in DESlock+ 4.0.2. The vulnerability allows local privilege escalation via a crafted IOCTL 0x80012010 sent to the DLPCryptCore device. Documents identify the affected component and the exact IOCTL vector but do not provide ex...