Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2008-1139

Published: 04/03/2008 Updated: 29/09/2017
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 725
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

DESlock+ 3.2.6 and previous versions, when DLMFENC.sys 1.0.0.26 and DLMFDISK.sys 1.2.0.27 are present, allows local users to gain privileges via a certain DLMFENC_IOCTL request to \\.\DLKPFSD_Device that overwrites a pointer, aka the "ring0 link list zero SYSTEM" vulnerability.

Vulnerable Product Search on Vulmon Subscribe to Product

deslock deslock

Exploits

Exploit DB: DESlock+ < 3.2.6 - Local Kernel Ring0 link list zero SYSTEM
/* deslock-list-zero-v2c * * Copyright (c) 2008 by &lt;mu-b@digit-labsorg&gt; * * DESlock+ &lt;= 326 local kernel ring0 link list zero SYSTEM exploit * by mu-b - Fri 28 Dec 2007 * * - Tested on: DLMFENCsys 10026, DLMFDISKsys 12027 * - Microsoft Windows 2003 SP2 * - Microsoft Windows XP SP2 * * Compil ...

References

CWE-264http://secunia.com/advisories/29005http://www.vupen.com/english/advisories/2008/0597https://www.exploit-db.com/exploits/5143https://nvd.nist.govhttps://www.exploit-db.com/exploits/5143/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842CVE-2024-30657CVE-2024-4534hardcodedSSRFCVE-2024-21683CVE-2024-5364file uploadCVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook