{"vuid":"VU#741315","idnumber":"741315","name":"Dokan file system driver contains a stack-based buffer overflow","keywords":["Dokan","stack-based buffer overflow","CWE-121","CVE-2018-5410"],"overview":"A system driver in the Dokan Open Source File System contains a stack-based buffer overflow, which could allow an attacker to gain elevated privileges on the host machine.","clean_desc":"CWE-121:Stack-based Buffer Overflow - CVE-2018-5410 Dokan,versions between 1.0.0.5000 and 1.2.0.1000,are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update.","impact":"An attacker could corrupt the kernel memory and elevate their system privileges to gain control of the system.","resolution":"Update to the newest version\nDokan developers have released a new version, 1.2.1, that fixes this vulnerability by validating the user input. Please see the update here.","workarounds":"","sysaffected":"","thanks":"Thanks to Parvez Anwar for reporting this vulnerability.","author":"This document was written by Madison Oliver.","public":["https://cwe.mitre.org/data/definitions/121.html","https://github.com/dokan-dev/dokany","https://github.com/dokan-dev/dokany/commit/4954cc0a3299b20274ac64bf52d6c285a1f40b0f","https://github.com/dokan-dev/dokany/releases/tag/v1.2.1.1000","https://keybase.io/docs/secadv/kb003"],"cveids":["CVE-2018-5410"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2018-11-30T21:25:17Z","publicdate":"2018-12-21T00:00:00Z","datefirstpublished":"2018-12-20T20:49:53Z","dateupdated":"2019-01-15T16:31:36Z","revision":27,"vrda_d1_directreport":"1","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"L","cvss_accesscomplexity":"L","cvss_authentication":null,"cvss_confidentialityimpact":"C","cvss_integrityimpact":"P","cvss_availabilityimpact":"N","cvss_exploitablity":null,"cvss_remediationlevel":"OF","cvss_reportconfidence":"C","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"ND","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"5.2","cvss_basevector":"AV:L/AC:L/Au:S/C:C/I:P/A:N","cvss_temporalscore":"4.3","cvss_environmentalscore":"4.337658584028","cvss_environmentalvector":"CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}