CVE-2007-4216 - Vulnerability Details - OpenCVE

vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in a METHOD_NEITHER (1) IOCTL 0x8400000F or (2) IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Checkpoint	Zonealarm

Configuration 1 [-]

OR	cpe:2.3:a:checkpoint:zonealarm::::::::
	cpe:2.3:a:checkpoint:zonealarm:5.0.63.0:::::::*
	cpe:2.3:a:checkpoint:zonealarm:6.1.744.001:::::::*

No data.

References

Link	Providers
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=585
http://secunia.com/advisories/26513
http://securitytracker.com/id?1018589
http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53
http://www.securityfocus.com/archive/1/477155/100/0/threaded
http://www.securityfocus.com/bid/25365
http://www.securityfocus.com/bid/25377
http://www.vupen.com/english/advisories/2007/2929
https://exchange.xforce.ibmcloud.com/vulnerabilities/36107

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-08-21T17:00:00

Updated: 2024-08-07T14:46:39.401Z

Reserved: 2007-08-08T00:00:00

Link: CVE-2007-4216

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-08-21T17:17:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-4216

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-08-20T00:00:00", "descriptions": [{"lang": "en", "value": "vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in a METHOD_NEITHER (1) IOCTL 0x8400000F or (2) IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "26513", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/26513"}, {"name": "zonealarm-vsdatant-privilege-escalation(36107)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36107"}, {"name": "ADV-2007-2929", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/2929"}, {"name": "1018589", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1018589"}, {"name": "25365", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25365"}, {"name": "20070820 Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=585"}, {"name": "25377", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25377"}, {"name": "20070820 [Reversemode Advisory] CheckPoint ZoneLabs Vsdatant.sys multiple local privilege escalation vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/477155/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4216", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in a METHOD_NEITHER (1) IOCTL 0x8400000F or (2) IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "26513", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26513"}, {"name": "zonealarm-vsdatant-privilege-escalation(36107)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36107"}, {"name": "ADV-2007-2929", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/2929"}, {"name": "1018589", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1018589"}, {"name": "25365", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25365"}, {"name": "20070820 Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=585"}, {"name": "25377", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25377"}, {"name": "20070820 [Reversemode Advisory] CheckPoint ZoneLabs Vsdatant.sys multiple local privilege escalation vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/477155/100/0/threaded"}, {"name": "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53", "refsource": "MISC", "url": "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T14:46:39.401Z"}, "title": "CVE Program Container", "references": [{"name": "26513", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/26513"}, {"name": "zonealarm-vsdatant-privilege-escalation(36107)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36107"}, {"name": "ADV-2007-2929", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/2929"}, {"name": "1018589", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1018589"}, {"name": "25365", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25365"}, {"name": "20070820 Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=585"}, {"name": "25377", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25377"}, {"name": "20070820 [Reversemode Advisory] CheckPoint ZoneLabs Vsdatant.sys multiple local privilege escalation vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/477155/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4216", "datePublished": "2007-08-21T17:00:00", "dateReserved": "2007-08-08T00:00:00", "dateUpdated": "2024-08-07T14:46:39.401Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:checkpoint:zonealarm:*:*:*:*:*:*:*:*", "matchCriteriaId": "58FAC945-D7DA-4951-9D64-61D88E5D1FBD", "versionEndIncluding": "7.0.337.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:checkpoint:zonealarm:5.0.63.0:*:*:*:*:*:*:*", "matchCriteriaId": "41BDE4E4-86C3-4F51-A52B-429AFA143698", "vulnerable": true}, {"criteria": "cpe:2.3:a:checkpoint:zonealarm:6.1.744.001:*:*:*:*:*:*:*", "matchCriteriaId": "A714FC07-8279-45B4-BC84-5CE881260511", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in a METHOD_NEITHER (1) IOCTL 0x8400000F or (2) IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations."}, {"lang": "es", "value": "vsdatant.sys versi\u00f3n 6.5.737.0 en Check Point Zone Labs ZoneAlarm versiones anteriores a 7.0.362, permite a usuarios locales alcanzar privilegios por medio de un Interrupt Request Packet (Irp) dise\u00f1ado en una petici\u00f3n (1) IOCTL 0x8400000F o (2) IOCTL 0x8400000013 de METHOD_NEITHER, que puede ser usado para sobrescribir ubicaciones de memoria arbitrarias."}], "id": "CVE-2007-4216", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-08-21T17:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=585"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/26513"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1018589"}, {"source": "cve@mitre.org", "url": "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/477155/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/25365"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/25377"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2929"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36107"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=585"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26513"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1018589"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/477155/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25365"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25377"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/2929"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36107"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}