CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2003-1309

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0930%
EPSS Percentile4.41th
Published2003年12月31日
Last Modified2026年4月16日

Vulnerability Description

The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack").

Affected Platforms (CPE)

📦
Zonelabs

Zonealarm

= 3.7.202
📦
Zonelabs

Zonealarm

= 3.7.211
📦
Zonelabs

Zonealarm

= 3.7.211

References & Advisories

🔗 http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html
🔗 http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html
🔗 http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt
🔗 http://sec-labs.hack.pl/papers/win32ddc.php
🔗 http://secunia.com/advisories/9459
🔗 http://www.osvdb.org/2375
🔗 http://www.osvdb.org/4362
🔗 http://www.securityfocus.com/bid/8342

相關漏洞威脅

CVE-2005-169310.0

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, e...

CVE-2004-030910.0

Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity...

CVE-2020-60138.8

ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to ...

CVE-2019-84527.8

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Wind...