CVE-2017-12840 in DESLock+info

Zusammenfassung

von MITRE

A kernel driver, namely DLMFENC.sys, bundled with the DESLock+ client application 4.8.16 and earlier contains a locally exploitable heap based buffer overflow in the handling of an IOCTL message of type 0x0FA4204. The vulnerability is present due to the kernel driver failing to allocate sufficient memory on the kernel heap to contain a user supplied string as such the string is copied into a buffer of constant size (0x1000-bytes) and thus an overflow condition results. Access to the kernel driver is permitted through an obfuscated interface whereby bytes of user supplied message are "authenticated" via an obfuscation routine employing a linear equation.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

14.08.2017

Veröffentlichung

28.08.2017

Moderieren

akzeptiert

Eintrag

VDB-105811

CPE

bereit

CWE

CWE-119 (bestätigt)

CVSS

7.8 (NVD)

EPSS

0.00062

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-12840
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-12840
CVE Details	https://www.cvedetails.com/cve/CVE-2017-12840/

◂ Zurück Übersicht Weiter ▸

Do you know our Splunk app?

Download it now for free!