Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in SlySoft AnyDVD before 6.5.2.6, Virtual CloneDrive 5.4.2.3 and earlier, CloneDVD 2.9.2.0 and earlier, and CloneCD 5.3.1.3 and earlier, uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to cause a denial of service (system crash) via a crafted IOCTL call.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:00
Type | Values Removed | Values Added |
---|---|---|
References | () http://en.securitylab.ru/lab/PT-2009-11 - | |
References | () http://osvdb.org/52679 - | |
References | () http://secunia.com/advisories/34269 - | |
References | () http://secunia.com/advisories/34287 - | |
References | () http://secunia.com/advisories/34288 - | |
References | () http://secunia.com/advisories/34289 - | |
References | () http://www.securityfocus.com/archive/1/501713/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/34103 - | |
References | () http://www.slysoft.com/download/changes_anydvd.txt - | |
References | () http://www.slysoft.com/download/changes_clonedvd.txt - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/49232 - |
Information
Published : 2009-03-14 18:30
Updated : 2024-11-21 01:00
NVD link : CVE-2009-0824
Mitre link : CVE-2009-0824
CVE.ORG link : CVE-2009-0824
JSON object : View
Products Affected
slysoft
- virtualclonedrive
- clonecd
- clonedvd
- anydvd
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer