ZoneAlarm VSDATANT IOCTL Handler Privilege Escalation Exploit Update

This module exploits a vulnerability in ZoneAlarm products when the 0x8400000F function is invoked with a specially crafted parameter. The IOCTL 0x8400000F handler in the VSDATANT.SYS device driver in ZoneAlarm products allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters to obtain escalated privileges. This update adds support for Windows XP SP3.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2007-4216
Product Version: 
7.6
Released Date: 
Wednesday, October 22, 2008 - 00:00