Release date:
Updated on:
Affected Systems:
WinMount 3.5.1018
Description:
--------------------------------------------------------------------------------
Bugtraq id: 51034
Cve id: CVE-2011-5032
WinMount is a free Windows tool with functions such as compression, decompression, browsing compression, and mounting of DVDs, CD, and virtual machine Hard Disk Images.
The WinMount WMDrive. sys driver has a local denial of service vulnerability in the implementation of IOCTL processing. Local attackers can exploit this vulnerability to cause a system crash and cause a denial of service.
<* Source: ADLab
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
WinMount
--------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.winmount.com/