exploitDog

CVE-2009-0824

Опубликовано: 14 мар. 2009

Источник: nvd

CVSS2: 4.9

EPSS Низкий

Описание

Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in SlySoft AnyDVD before 6.5.2.6, Virtual CloneDrive 5.4.2.3 and earlier, CloneDVD 2.9.2.0 and earlier, and CloneCD 5.3.1.3 and earlier, uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to cause a denial of service (system crash) via a crafted IOCTL call.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:slysoft:anydvd:*:*:*:*:*:*:*:*

Версия до 6.5.2.2 (включая)

cpe:2.3:a:slysoft:clonecd:*:*:*:*:*:*:*:*

Версия до 5.3.1.3 (включая)

cpe:2.3:a:slysoft:clonedvd:*:*:*:*:*:*:*:*

Версия до 2.9.2.0 (включая)

cpe:2.3:a:slysoft:virtualclonedrive:*:*:*:*:*:*:*:*

Версия до 5.4.2.3 (включая)

EPSS

Процентиль: 31%

0.00119

Низкий

4.9 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-526v-hfw3-w58p

github

почти 4 года назад

Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in SlySoft AnyDVD before 6.5.2.6, Virtual CloneDrive 5.4.2.3 and earlier, CloneDVD 2.9.2.0 and earlier, and CloneCD 5.3.1.3 and earlier, uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to cause a denial of service (system crash) via a crafted IOCTL call.

EPSS

Процентиль: 31%

0.00119

Низкий

4.9 Medium

CVSS2

Дефекты

CWE-119