Vulnerabilities > Deslock
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-28 | CVE-2017-12840 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Deslock Deslock+ A kernel driver, namely DLMFENC.sys, bundled with the DESLock+ client application 4.8.16 and earlier contains a locally exploitable heap based buffer overflow in the handling of an IOCTL message of type 0x0FA4204. | 7.2 |
| 2010-04-29 | CVE-2009-4832 | Permissions, Privileges, and Access Controls vulnerability in Deslock Deslock+ 4.0.2 The dlpcrypt.sys kernel driver 0.1.1.27 in DESlock+ 4.0.2 allows local users to gain privileges via a crafted IOCTL 0x80012010 request to the DLPCryptCore device. | 7.2 |
| 2008-09-30 | CVE-2008-4363 | Improper Input Validation vulnerability in Deslock 3.2.7 DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) or potentially execute arbitrary code via a certain DLMFENC_IOCTL request to \\.\DLKPFSD_Device that overwrites a pointer, probably related to use of the ProbeForRead function when ProbeForWrite was intended. | 7.2 |
| 2008-09-30 | CVE-2008-4362 | Resource Management Errors vulnerability in Deslock 3.2.7 The Virtual Token driver (vdlptokn.sys) 1.0.2.43 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) via a crafted IOCTL request to \Device\DLPTokenWalter0. | 4.9 |
| 2008-03-04 | CVE-2008-1141 | Resource Management Errors vulnerability in Deslock Memory leak in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (kernel memory consumption) via a series of DLMFENC_IOCTL requests to \\.\DLKPFSD_Device that allocate "link list structures." | 4.9 |
| 2008-03-04 | CVE-2008-1140 | Permissions, Privileges, and Access Controls vulnerability in Deslock DLMFDISK.sys 1.2.0.27 in DESlock+ 3.2.6 and earlier allows local users to gain privileges via a certain DLKFDISK_IOCTL request to \\.\DLKFDisk_Control that overwrites a data structure associated with a mounted pseudo-filesystem, aka the "ring0 SYSTEM" vulnerability. | 7.2 |
| 2008-03-04 | CVE-2008-1139 | Permissions, Privileges, and Access Controls vulnerability in Deslock DESlock+ 3.2.6 and earlier, when DLMFENC.sys 1.0.0.26 and DLMFDISK.sys 1.2.0.27 are present, allows local users to gain privileges via a certain DLMFENC_IOCTL request to \\.\DLKPFSD_Device that overwrites a pointer, aka the "ring0 link list zero SYSTEM" vulnerability. | 7.2 |
| 2008-03-04 | CVE-2008-1138 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Deslock DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (system crash) via a certain ZERO_MEM DLMFENC_IOCTL request to \\.\DLKPFSD_Device, aka the "ring0 link list zero" vulnerability. | 4.9 |