CVE-2008-5049

Name of the Vulnerable Software and Affected Versions ISecSoft Anti-Keylogger Elite versions 3.3.0 and earlier ISecSoft Anti-Keylogger Elite version 3.3.3

Description A buffer overflow issue exists in the AKEProtect.sys driver, specifically version 3.3.3.0, which can be exploited by local users to gain privileges. This is achieved by providing long inputs to certain IOCTLs, including (1) 0x002224A4, (2) 0x002224C0, and (3) 0x002224CC.

Recommendations For ISecSoft Anti-Keylogger Elite versions 3.3.0 and earlier, consider updating to a version that is not affected by this issue, if available. For ISecSoft Anti-Keylogger Elite version 3.3.3, consider updating to a version that is not affected by this issue, if available. As a temporary workaround, consider restricting access to the AKEProtect.sys driver to minimize the risk of exploitation.