Heap-based buffer overflow in the tvtumin.sys kernel driver in Lenovo Rescue and Recovery 4.20, including 4.20.0511 and 4.20.0512, allows local users to execute arbitrary code via a long file name.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4589)