Symantec Norton Personal Firewall hooks many functions in SSDT and in at least two cases it fails to validate arguments that come from the user mode. This exploit demonstrates this vulnerability.
5729c25d96bb98b38aa36575d769cc3b159e9000966a289c90f4ed2bd71ce1ca