Privilege Escalation in Check Point Zone Labs ZoneAlarm
CVE-2007-4216
Currently unrated
Summary
The vsdatant.sys component in Check Point's Zone Labs ZoneAlarm, specifically versions before 7.0.362, is susceptible to a privilege escalation vulnerability. By exploiting crafted Interrupt Request Packets (IRPs) using METHOD_NEITHER IOCTL requests (0x8400000F or 0x84000013), an attacker can overwrite arbitrary memory locations, leading to unauthorized privilege escalation for local users.
References
Timeline
Vulnerability published
Vulnerability Reserved