CVE-2008-4362

Name of the Vulnerable Software and Affected Versions: DESlock+ version 3.2.7

Description: The issue allows local users to cause a denial of service, resulting in a system crash. This is achieved by sending a crafted IOCTL request to the DeviceDLPTokenWalter0 device.

Recommendations: For DESlock+ version 3.2.7, consider restricting access to the Virtual Token driver (vdlptokn.sys) to minimize the risk of exploitation. As a temporary workaround, avoid using the IOCTL request to DeviceDLPTokenWalter0 until a patch is available.