AnyDVD ElbyCDIO.sys IOCTL Handling Vulnerability

Secunia ID	SA34269
CVE-ID	CVE-2009-0824
Release Date	13 Mar 2009
Last Change	23 Mar 2009
Criticality	Less Critical Typically used for cross-site scripting vulnerabilities and privilege escalation vulnerabilities. This rating is also used for vulnerabilities allowing exposure of sensitive data to local users.
Solution Status	Vendor Patch
Software	AnyDVD 6.x
Where	Local system "Local system" describes vulnerabilities where the attack vector requires that the attacker is a local user on the system.
Impact	DoS (Denial of Service) This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system. Privilege escalation This covers vulnerabilities where a user is able to conduct certain tasks with the privileges of other users or administrative users. This typically includes cases where a local user on a client or server system can gain access to the administrator or root account thus taking full control of the system.
Description	A vulnerability has been reported in AnyDVD, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges. The vulnerability is caused due to insufficient validation of user space data provided to the ElbyCDIO.sys kernel driver. This can be exploited to trigger a memory corruption and potentially execute arbitrary code in kernel space via a specially crafted IOCTL request. The vulnerability is reported in versions 6.5.2.2 and prior.
Solution	Update to version 6.5.2.6 or later.
Reported by	Nikita Tarakanov, Positive Technologies
Original Advisory	Positive Technologies: http://en.securitylab.ru/lab/PT-2009-11 SlySoft: http://www.slysoft.com/download/changes_anydvd.txt NT Internals: http://www.ntinternals.org/ntiadv0812/ntiadv0812.html