CVE-2008-4363

CVE-2008-4363 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) or potentially execute arbitrary code via a certain DLMFENC_IOCTL request to \\.\DLKPFSD_Device that overwrites a pointer, probably related to use of the ProbeForRead function when ProbeForWrite was intended.

Learn more about our User Device Pen Test.