CVE-2008-4363

Name of the Vulnerable Software and Affected Versions: DESlock+ version 3.2.7

Description: The issue allows local users to cause a denial of service or potentially execute arbitrary code via a certain request to the ".DLKPFSD Device" endpoint. This is probably related to the use of the ProbeForRead function when ProbeForWrite was intended.

Recommendations: For DESlock+ version 3.2.7, consider disabling the DLMFENC.sys driver until a patch is available to prevent potential exploitation. Restrict access to the ".DLKPFSD Device" endpoint to minimize the risk of a denial of service or code execution.