Privilege Escalation in Check Point Zone Labs ZoneAlarm
CVE-2007-4216

Currently unrated

Key Information:

Vendor
Checkpoint
Status
Vendor
CVE Published:
21 August 2007

Summary

The vsdatant.sys component in Check Point's Zone Labs ZoneAlarm, specifically versions before 7.0.362, is susceptible to a privilege escalation vulnerability. By exploiting crafted Interrupt Request Packets (IRPs) using METHOD_NEITHER IOCTL requests (0x8400000F or 0x84000013), an attacker can overwrite arbitrary memory locations, leading to unauthorized privilege escalation for local users.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.