Back to search
CVE-2009-0824
Published: Mar 14, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in SlySoft AnyDVD before 6.5.2.6, Virtual CloneDrive 5.4.2.3 and earlier, CloneDVD 2.9.2.0 and earlier, and CloneCD 5.3.1.3 and earlier, uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to cause a denial of service (system crash) via a crafted IOCTL call.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
34288
third-party-advisory
x_refsource_SECUNIA
http://www.slysoft.com/download/changes_clonedvd.txt
x_refsource_CONFIRM
slysoft-elbycdio-dos(49232)
vdb-entry
x_refsource_XF
34289
third-party-advisory
x_refsource_SECUNIA
34269
third-party-advisory
x_refsource_SECUNIA
34287
third-party-advisory
x_refsource_SECUNIA
http://www.slysoft.com/download/changes_anydvd.txt
x_refsource_CONFIRM
http://en.securitylab.ru/lab/PT-2009-11
x_refsource_MISC
34103
vdb-entry
x_refsource_BID
52679
vdb-entry
x_refsource_OSVDB
20090312 [Suspected Spam][PT-2009-11] SlySoft Multiple Products ElbyCDIO.sys Denial of Service
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now