CVE-2003-1309 Information

Description

The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211 Pro before 4.0.146.029 and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka \Device Driver Attack).

Reference

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt http://sec-labs.hack.pl/papers/win32ddc.php http://secunia.com/advisories/9459 http://www.osvdb.org/2375 http://www.osvdb.org/4362 http://www.securityfocus.com/bid/8342 https://exchange.xforce.ibmcloud.com/vulnerabilities/12824