CVE-2008-1140 : DLMFDISK.sys 1.2.0.27 in DESlock+ 3.2.6 and earlier allows local users to gain p

DLMFDISK.sys 1.2.0.27 in DESlock+ 3.2.6 and earlier allows local users to gain privileges via a certain DLKFDISK_IOCTL request to \\.\DLKFDisk_Control that overwrites a data structure associated with a mounted pseudo-filesystem, aka the "ring0 SYSTEM" vulnerability.

Published 2008-03-04 20:44:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2008-1140

Deslock » Deslock
Versions up to, including, (<=) 3.2.6
cpe:2.3:a:deslock:deslock:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2008-1140

EPSS FAQ

0.14%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 35 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2008-1140

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2008-1140

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2008-1140

Jump to

Vulnerability Details : CVE-2008-1140

Products affected by CVE-2008-1140

Exploit prediction scoring system (EPSS) score for CVE-2008-1140

CVSS scores for CVE-2008-1140

CWE ids for CVE-2008-1140

References for CVE-2008-1140