Back to search
CVE-2018-5410
Published: Jan 7, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update.
| Vendor | Product | Versions |
|---|---|---|
Dokan | Open Source File System | affected 1.0.0.5000 - < 1.0.0.5000*affected 1.2.0.1000 - <= 1.2.0.1000 |
Weaknesses (CWE)
References
VU#741315
third-party-advisory
x_refsource_CERT-VN
46155
exploit
x_refsource_EXPLOIT-DB
https://cwe.mitre.org/data/definitions/121.html
x_refsource_MISC
https://github.com/dokan-dev/dokany/releases/tag/v1.2.1.1000
x_refsource_CONFIRM
106274
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now