Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.
https://www.exploit-db.com/exploits/4911
https://exchange.xforce.ibmcloud.com/vulnerabilities/39694
http://www.vupen.com/english/advisories/2008/0170