CVE-2011-0513

Securstar Drivecrypt < 5.4 - Improper Input Validation

Title source: rule

Description

DCR.sys driver in SecurStar DriveCrypt 5.4, 5.3, and earlier allows local users to execute arbitrary code via a crafted argument to the 0x00073800 IOCTL.

Exploits (1)

exploitdb WORKING POC

by mu-b · clocalwindows

https://www.exploit-db.com/exploits/15972

View Code ZIP pw:eip

References (5)

[Vendor Advisory] http://secunia.com/advisories/42881

[Exploit] http://www.exploit-db.com/exploits/15972

[Exploit] http://www.securityfocus.com/bid/45750

[Vendor Advisory] http://www.vupen.com/english/advisories/2011/0084

[Third Party Advisory, VDB Entry] http://osvdb.org/70426

Scores

EPSS 0.0031

EPSS Percentile 53.8%

Details

CWE

CWE-20

Status published

Products (6)

securstar/drivecrypt 4.6

securstar/drivecrypt 4.61

securstar/drivecrypt 5.0

securstar/drivecrypt 5.1

securstar/drivecrypt 5.3

securstar/drivecrypt < 5.4

Published Jan 20, 2011

Tracked Since Feb 18, 2026