CVE-2003-1309
First published: Wed Dec 31 2003(Updated: )
The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack").
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zonelabs ZoneAlarm | =3.7.211 | |
| Zonelabs ZoneAlarm | =3.7.202 | |
| Zonelabs ZoneAlarm | =3.7.211 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html
- http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt
- http://sec-labs.hack.pl/papers/win32ddc.php
- http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html
- http://www.securityfocus.com/bid/8342
- http://www.osvdb.org/2375
- http://www.osvdb.org/4362
- http://secunia.com/advisories/9459
- https://exchange.xforce.ibmcloud.com/vulnerabilities/12824
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/zonelabs
- canonical/zonelabs zonealarm
- version/zonelabs zonealarm/3.7.211
- version/zonelabs zonealarm/3.7.202