CVE-2018-5410
N/A
N/A
Summary
Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dokan | Open Source File System | 1.0.0.5000 < 1.0.0.5000* | affected |
| Dokan | Open Source File System | 1.2.0.1000 <= 1.2.0.1000 | affected |
Weaknesses
- CWE-121: CWE-121: Stack-based Buffer Overflow
ADP Enrichment
CVE Program Container
Additional References
- https://kb.cert.org/vuls/id/741315/
- https://www.exploit-db.com/exploits/46155/
- https://cwe.mitre.org/data/definitions/121.html
- https://github.com/dokan-dev/dokany/releases/tag/v1.2.1.1000
- http://www.securityfocus.com/bid/106274
References
- https://kb.cert.org/vuls/id/741315/
- https://www.exploit-db.com/exploits/46155/
- https://cwe.mitre.org/data/definitions/121.html
- https://github.com/dokan-dev/dokany/releases/tag/v1.2.1.1000
- http://www.securityfocus.com/bid/106274
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.