CVE-2014-2382CVE-2014-2382

Affected configuration(s):

cpe:/a:faronics:deep_freeze:8.10::~~enterprise~~~
cpe:/a:faronics:deep_freeze:8.10::~~standard~~~

Date published: 2014-11-20T08:55:00.093-05:00

Date last modified: 2014-11-20T09:04:23.263-05:00

CVSS Score: 7.2

Principal attack vector: LOCAL

Complexity:  LOW

Reference URL: http://packetstormsecurity.com/files/129172/Faronics-Deep-Freeze-Arbitrary-Code-Execution.html

Summary: The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service (crash) and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the IofCallDriver function.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.