CVE-2018-5410

Summary

Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update.

Affected Software

VendorProductVersion RangeStatus
DokanOpen Source File System1.0.0.5000 < 1.0.0.5000*affected
DokanOpen Source File System1.2.0.1000 <= 1.2.0.1000affected

Weaknesses

  • CWE-121: CWE-121: Stack-based Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References