PT-2003-2254 · Zonealarm · Zonealarm Pro+3

Published

2003-12-31

Updated

2017-07-29

CVE-2003-1309

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ZoneAlarm versions prior to 3.7.211 ZoneAlarm Pro versions prior to 4.0.146.029 ZoneAlarm Plus versions prior to 4.0.146.029

Description The issue allows local users to gain privileges via certain signals to the DeviceIoControl function in the TrueVector Device Driver (VSDATANT).

Recommendations For ZoneAlarm versions prior to 3.7.211, update to version 3.7.211 or later. For ZoneAlarm Pro versions prior to 4.0.146.029, update to version 4.0.146.029 or later. For ZoneAlarm Plus versions prior to 4.0.146.029, update to version 4.0.146.029 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-1309

Affected Products

Truevector Device Driver

Zonealarm

Zonealarm Plus

Zonealarm Pro

PT-2003-2254 · Zonealarm · Zonealarm Pro+3

CVE-2003-1309

Related Identifiers

Affected Products

References · 10