The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack").
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html | Exploit Vendor Advisory |
http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html | |
http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt | |
http://sec-labs.hack.pl/papers/win32ddc.php | |
http://secunia.com/advisories/9459 | Patch Vendor Advisory |
http://www.osvdb.org/2375 | Patch Vendor Advisory |
http://www.osvdb.org/4362 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/8342 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/12824 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2003-12-31 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2003-1309
Mitre link : CVE-2003-1309
CVE.ORG link : CVE-2003-1309
JSON object : View
Products Affected
zonelabs
- zonealarm
CWE