Date published: 2014-11-20T08:55:00.093-05:00
Date last modified: 2014-11-20T09:04:23.263-05:00
CVSS Score: 7.2
Principal attack vector: LOCAL
Reference URL: http://packetstormsecurity.com/files/129172/Faronics-Deep-Freeze-Arbitrary-Code-Execution.html
Summary: The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service (crash) and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the IofCallDriver function.