Unrated severityNVD Advisory· Published Dec 31, 2003· Updated Apr 16, 2026

CVE-2003-1309

Description

The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack").

Affected products

Zonelabs/Zonealarm3 versions
cpe:2.3:a:zonelabs:zonealarm:3.7.202:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:zonelabs:zonealarm:3.7.202:*:*:*:*:*:*:*
- cpe:2.3:a:zonelabs:zonealarm:3.7.211:*:plus:*:*:*:*:*
- cpe:2.3:a:zonelabs:zonealarm:3.7.211:*:pro:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/9459nvdPatchVendor Advisory
www.osvdb.org/2375nvdPatchVendor Advisory
www.osvdb.org/4362nvdPatchVendor Advisory
archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.htmlnvdExploitVendor Advisory
www.securityfocus.com/bid/8342nvdVendor Advisory
download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.htmlnvd
sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txtnvd
sec-labs.hack.pl/papers/win32ddc.phpnvd
exchange.xforce.ibmcloud.com/vulnerabilities/12824nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000