Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1140

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-1140
Last Modified 07 Mar 2011 10:06:00
Published 04 Mar 2008 03:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-1140

Summary

DLMFDISK.sys 1.2.0.27 in DESlock+ 3.2.6 and earlier allows local users to gain privileges via a certain DLKFDISK_IOCTL request to \\.\DLKFDisk_Control that overwrites a data structure associated with a mounted pseudo-filesystem, aka the "ring0 SYSTEM" vulnerability.

Vulnerable Systems

Application

  • Deslock 3.2.6


References

VUPEN - ADV-2008-0597

MILW0RM - 5144

SECUNIA - 29005


Last Updated: 27 May 2016 10:47:02