Elaborate Bytes ElbyCDIO.sys 6.0.2.0 and earlier, as distributed in SlySoft AnyDVD before 6.5.2.6, Virtual CloneDrive 5.4.2.3 and earlier, CloneDVD 2.9.2.0 and earlier, and CloneCD 5.3.1.3 and earlier, uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to cause a denial of service (system crash) via a crafted IOCTL call.
https://exchange.xforce.ibmcloud.com/vulnerabilities/49232
http://www.slysoft.com/download/changes_clonedvd.txt
http://www.slysoft.com/download/changes_anydvd.txt
http://www.securityfocus.com/bid/34103
http://www.securityfocus.com/archive/1/501713/100/0/threaded
http://secunia.com/advisories/34289
http://secunia.com/advisories/34288
http://secunia.com/advisories/34287