CVE-2003-1309

Sažetak

The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack").

Reference

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html
http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html
http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt
http://sec-labs.hack.pl/papers/win32ddc.php
http://secunia.com/advisories/9459
http://www.osvdb.org/2375
http://www.osvdb.org/4362
http://www.securityfocus.com/bid/8342
https://exchange.xforce.ibmcloud.com/vulnerabilities/12824

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-07-2017 - 01:29

Objavljeno

31-12-2003 - 05:00