CVE-2017-12840

Name of the Vulnerable Software and Affected Versions DESLock+ client application versions 4.8.16 and earlier

Description The issue arises from a locally exploitable heap-based buffer overflow in the DLMFENC.sys kernel driver. This occurs when handling an IOCTL message of type 0x0FA4204, due to insufficient memory allocation on the kernel heap for a user-supplied string. The string is copied into a constant size buffer (0x1000 bytes), resulting in an overflow condition. Access to the kernel driver is possible through an obfuscated interface, where user-supplied message bytes are "authenticated" using an obfuscation routine with a linear equation.

Recommendations For DESLock+ client application versions 4.8.16 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.