CVE-2003-1309

Published: Dec 31, 2003Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack").

Affected (3)

Products: Zonelabs: Zonealarm

Zonelabs

1 product

Zonealarm

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Zonelabs Zonealarm	Version 3.7.202
Zonelabs Zonealarm	Version 3.7.211
Zonelabs Zonealarm	Version 3.7.211

References (18)

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html

Source: cve@mitre.org

ExploitVendor Advisory

http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html

Source: cve@mitre.org

http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt

Source: cve@mitre.org

http://sec-labs.hack.pl/papers/win32ddc.php

Source: cve@mitre.org

http://secunia.com/advisories/9459

Source: cve@mitre.org

PatchVendor Advisory

http://www.osvdb.org/2375

Source: cve@mitre.org

PatchVendor Advisory

http://www.osvdb.org/4362

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/8342

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/12824

Source: cve@mitre.org

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html