Vulnerabilities > Truecrypt Project

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-19	CVE-2014-2885	Resource Exhaustion vulnerability in Truecrypt Project Truecrypt 7.1 Multiple integer overflows in TrueCrypt 7.1a allow local users to (1) obtain sensitive information via vectors involving a crafted item->OriginalLength value in the MainThreadProc function in EncryptedIoQueue.c or (2) cause a denial of service (memory consumption) via vectors involving large StartingOffset and Length values in the ProcessVolumeDeviceControlIrp function in Ntdriver.c. local low complexity truecrypt-project CWE-400	7.1
2018-03-19	CVE-2014-2884	Improper Access Control vulnerability in Truecrypt Project Truecrypt 7.1 The ProcessVolumeDeviceControlIrp function in Ntdriver.c in TrueCrypt 7.1a allows local users to bypass access restrictions and obtain sensitive information about arbitrary files via a (1) TC_IOCTL_OPEN_TEST or (2) TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG IOCTL call. local low complexity truecrypt-project CWE-284	3.3

Vulnerabilities > Truecrypt Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Truecrypt Project"}]}