All the vulnerabilites related to zonelabs - zonealarm
Vulnerability from fkie_nvd
Published
2000-04-24 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "90AB2A1E-E48F-478B-91A3-0F37DD4F152C",
"versionEndIncluding": "2.2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules."
}
],
"id": "CVE-2000-0339",
"lastModified": "2024-11-20T23:32:16.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-04-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1294"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1137"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000421044123.2353.qmail%40securityfocus.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000421044123.2353.qmail%40securityfocus.com"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:54
Severity ?
Summary
Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissions. NOTE: this issue has been disputed by the vendor, who claims that it does not affect product functionality since the same information is also saved in a protected file
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:1.0:*:pro:*:*:*:*:*",
"matchCriteriaId": "C754CC13-8B9A-40BE-A2EE-25E3ADCBE8E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\\Internet Logs\\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissions. NOTE: this issue has been disputed by the vendor, who claims that it does not affect product functionality since the same information is also saved in a protected file"
}
],
"id": "CVE-2004-2713",
"lastModified": "2024-11-20T23:54:02.597",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-08/0389.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0871.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0883.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0933.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/9761"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-08/0389.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0871.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0883.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0933.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/9761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17099"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-18 03:19
Modified
2024-11-21 00:29
Severity ?
Summary
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:*:*:pro:*:*:*:*:*",
"matchCriteriaId": "368AA4FC-79B4-48A3-8BF0-FD7630FA8ACF",
"versionEndIncluding": "6.5.714.000",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions."
},
{
"lang": "es",
"value": "vsdatant.sys en Check Point Zone Labs ZoneAlarm Pro anterior a 7.0.302.000 no valida ciertos argumentos antes de ser pasados a manejadores de funciones SSDT, lo cual permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante argumentos manipulados artesanalmente a las funciones (1) NtCreateKey y (2) NtDeleteFile."
}
],
"id": "CVE-2007-2083",
"lastModified": "2024-11-21T00:29:51.793",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-18T03:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35239"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2591"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/465868/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/465868/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33664"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-12-31 05:00
Modified
2024-11-20 23:37
Severity ?
Summary
ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDB6978-A1C6-4DCD-86F0-55005D4CF292",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE79F675-8577-45AC-A1EB-34C8805CC802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6B7CA67C-34AC-4717-8E86-1A8D3D00046B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2180CF4C-5124-4097-B7DE-C5C5F38E0B87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.4:*:pro:*:*:*:*:*",
"matchCriteriaId": "161A802C-60DE-4A8E-BDBA-771C3123AEBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8FE589FD-0C87-4057-BA5E-326727E0EDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44DD1537-11DD-4C7F-810A-674245E7EAFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.6:*:pro:*:*:*:*:*",
"matchCriteriaId": "2F35E472-2E14-4F37-9D2C-BFBA543184AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters."
}
],
"id": "CVE-2001-1548",
"lastModified": "2024-11-20T23:37:56.983",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0056.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0065.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/7671.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/3647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0056.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0065.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/7671.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/3647"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:42
Severity ?
Summary
ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:3.0:*:pro:*:*:*:*:*",
"matchCriteriaId": "B3FA13D7-D421-4B5D-B0ED-11BA501638CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:3.1:*:pro:*:*:*:*:*",
"matchCriteriaId": "C114E941-4170-4D71-96B2-1E7DF234358A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue."
}
],
"id": "CVE-2002-1911",
"lastModified": "2024-11-20T23:42:24.863",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0238.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10379.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/295434"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0238.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10379.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/295434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5975"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-11-16 07:42
Modified
2024-11-21 00:02
Severity ?
Summary
Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zonelabs | zonealarm | 6.0 | |
| zonelabs | zonealarm | 6.0 | |
| zonelabs | zonealarm_anti-spyware | 6.0 | |
| zonelabs | zonealarm_anti-spyware | 6.1 | |
| zonelabs | zonealarm_antivirus | 6.0 | |
| zonelabs | zonealarm_security_suite | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A762470F-AD26-478D-8B83-9723061D2AF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:6.0:*:pro:*:*:*:*:*",
"matchCriteriaId": "280E308A-F446-461F-9C20-92F8E83649E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm_anti-spyware:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "659C03E1-3F79-415C-8EF2-6CAB6158157D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm_anti-spyware:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2EC6FED8-87AC-47FF-B43B-7C096182E8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm_antivirus:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B7106B34-09D7-4B92-BDF0-82DE97984333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm_security_suite:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCE7D92E-950B-49FB-B6CD-8E870BBAD56A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the \"Advanced Program Control and OS Firewall filters\" setting via URLs in \"HTML Modal Dialogs\" (window.location.href) contained within JavaScript tags."
}
],
"id": "CVE-2005-3560",
"lastModified": "2024-11-21T00:02:11.110",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-16T07:42:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17450"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/155"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20677"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/415968"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/15347"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22971"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/415968"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/15347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22971"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-07-18 04:00
Modified
2024-11-20 23:37
Severity ?
Summary
MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDDB6978-A1C6-4DCD-86F0-55005D4CF292",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE79F675-8577-45AC-A1EB-34C8805CC802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6B7CA67C-34AC-4717-8E86-1A8D3D00046B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2180CF4C-5124-4097-B7DE-C5C5F38E0B87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.4:*:pro:*:*:*:*:*",
"matchCriteriaId": "161A802C-60DE-4A8E-BDBA-771C3123AEBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8FE589FD-0C87-4057-BA5E-326727E0EDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44DD1537-11DD-4C7F-810A-674245E7EAFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.6:*:pro:*:*:*:*:*",
"matchCriteriaId": "2F35E472-2E14-4F37-9D2C-BFBA543184AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments."
}
],
"id": "CVE-2001-1373",
"lastModified": "2024-11-20T23:37:32.163",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-07-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/197681"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3055"
},
{
"source": "cve@mitre.org",
"url": "http://www.zonelabs.com/products/zap/rel_history.html#2.6.362"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6877"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/197681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zonelabs.com/products/zap/rel_history.html#2.6.362"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6877"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-24 00:17
Modified
2024-11-21 00:37
Severity ?
Summary
ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreatePort and (2) NtDeleteFile kernel SSDT hooks, a partial regression of CVE-2007-2083.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:7.0.362.000:*:pro:*:*:*:*:*",
"matchCriteriaId": "A074A17D-7D90-4B9B-8181-C755B8EFDAD0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreatePort and (2) NtDeleteFile kernel SSDT hooks, a partial regression of CVE-2007-2083."
},
{
"lang": "es",
"value": "ZoneAlarm Pro 7.0.362.000 no valida de forma adecuada ciertos par\u00e1metros en los maneadores de funci\u00f3n System Service Descriptor Table (SSDT), lo cual permite a usuarios locales provocar denegaci\u00f3n de servicio (caida) y posiblemente ganar privilegios a trav\u00e9s del secuestro de (1) NtCreatePort y (2) NtDeleteFile kernel SSDT, una regresi\u00f3n parcial de CVE-2007-2083."
}
],
"id": "CVE-2007-5044",
"lastModified": "2024-11-21T00:37:00.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-24T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/45898"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3161"
},
{
"source": "cve@mitre.org",
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/45898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-02-11 05:00
Modified
2024-11-20 23:54
Severity ?
Summary
vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | check_point_integrity_client | * | |
| checkpoint | check_point_integrity_client | 4.5.122.000 | |
| zonelabs | zonealarm | 5.5.062.011 | |
| zonelabs | zonealarm_wireless_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:check_point_integrity_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F67CBAA3-FC85-48FA-B90A-5BB354BC041D",
"versionEndIncluding": "5.1.556.166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:check_point_integrity_client:4.5.122.000:*:*:*:*:*:*:*",
"matchCriteriaId": "CE49F811-CB35-46F6-A569-1C3B934FC8B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:5.5.062.011:*:*:*:*:*:*:*",
"matchCriteriaId": "03C25ED8-75E6-4C5C-B9C9-DF8B452E60FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm_wireless_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "570140A8-D941-44FE-AB84-6C990BF2C704",
"versionEndIncluding": "5.5.080.000",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer."
}
],
"id": "CVE-2005-0114",
"lastModified": "2024-11-20T23:54:27.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-02-11T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://download.zonelabs.com/bin/free/securityAlert/19.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/14256"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=199\u0026type=vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/12531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://download.zonelabs.com/bin/free/securityAlert/19.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=199\u0026type=vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12531"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:51
Severity ?
Summary
ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:4.0:*:pro:*:*:*:*:*",
"matchCriteriaId": "721EFD0A-145F-440C-A9FC-D72AE6FA126A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:4.5:*:pro:*:*:*:*:*",
"matchCriteriaId": "C5DE7D02-A778-47EF-9D3E-871C3EB09370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:4.5.538.001:*:pro:*:*:*:*:*",
"matchCriteriaId": "F234D3E4-FD8B-4203-A8E4-17B15ECB0AE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:5.0.590.015:*:pro:*:*:*:*:*",
"matchCriteriaId": "50E6E82F-5197-46D1-A0DE-F105177288C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EA43E5A8-0E59-4A6E-9DE6-D2378C066FA4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript."
}
],
"id": "CVE-2004-1534",
"lastModified": "2024-11-20T23:51:07.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://download.zonelabs.com/bin/free/securityAlert/18.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110088808402495\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13244/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11706"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://download.zonelabs.com/bin/free/securityAlert/18.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110088808402495\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13244/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18159"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:42
Severity ?
Summary
ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DC75BACC-90EF-4B4D-A21D-7B5C2698D769",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension."
}
],
"id": "CVE-2002-1997",
"lastModified": "2024-11-20T23:42:37.173",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/265387"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/4407"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/265387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/4407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8744"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-11-23 05:00
Modified
2024-11-20 23:48
Severity ?
Summary
Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote attackers to execute arbitrary code via a long RCPT TO argument.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:integrity:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9963B823-D70B-4B3D-ABFE-14C4AC64E5D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0C79EE-6E92-4DE9-BD94-135A9FB14F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:4.0:*:plus:*:*:*:*:*",
"matchCriteriaId": "1A125DEF-6DE6-41FE-BD43-DA464DB14389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:4.0:*:pro:*:*:*:*:*",
"matchCriteriaId": "721EFD0A-145F-440C-A9FC-D72AE6FA126A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:4.5:*:pro:*:*:*:*:*",
"matchCriteriaId": "C5DE7D02-A778-47EF-9D3E-871C3EB09370",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote attackers to execute arbitrary code via a long RCPT TO argument."
}
],
"id": "CVE-2004-0309",
"lastModified": "2024-11-20T23:48:17.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-11-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://download.zonelabs.com/bin/free/securityAlert/8.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=107722656827427\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-084.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/619982"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3991"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9696"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://download.zonelabs.com/bin/free/securityAlert/8.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=107722656827427\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-084.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/619982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14991"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-02-24 05:00
Modified
2024-11-20 23:31
Severity ?
Summary
ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "1579C5D8-3F58-4477-97E7-C951DD541920",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event."
}
],
"id": "CVE-2000-0220",
"lastModified": "2024-11-20T23:31:59.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-02-24T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0220"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-29 04:00
Modified
2024-11-20 23:35
Severity ?
Summary
ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=ntbugtraq&m=97818917222992&w=2 | Mailing List | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5821 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=ntbugtraq&m=97818917222992&w=2 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5821 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | zonealarm_pro | * | |
| zonelabs | zonealarm | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:zonealarm_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7A88CF5-AE19-431D-ACAE-0404BEB8B171",
"versionStartIncluding": "2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15B8B67A-6F75-4176-A6A5-E2F695F52C5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting."
}
],
"id": "CVE-2001-0682",
"lastModified": "2024-11-20T23:35:54.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2001-08-29T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=97818917222992\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5821"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=97818917222992\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5821"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-667"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:46
Severity ?
Summary
The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack").
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:3.7.202:*:*:*:*:*:*:*",
"matchCriteriaId": "266266D9-0705-4B10-BD0C-18993431C93E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:3.7.211:*:plus:*:*:*:*:*",
"matchCriteriaId": "34C1FA2F-F6F4-49AC-B309-DE38F62D660A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:3.7.211:*:pro:*:*:*:*:*",
"matchCriteriaId": "C281CB19-8EBF-42C8-B37B-4973D7499F59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka \"Device Driver Attack\")."
}
],
"id": "CVE-2003-1309",
"lastModified": "2024-11-20T23:46:50.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html"
},
{
"source": "cve@mitre.org",
"url": "http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html"
},
{
"source": "cve@mitre.org",
"url": "http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt"
},
{
"source": "cve@mitre.org",
"url": "http://sec-labs.hack.pl/papers/win32ddc.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/9459"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.osvdb.org/2375"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.osvdb.org/4362"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/8342"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sec-labs.hack.pl/papers/win32ddc.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/9459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.osvdb.org/2375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.osvdb.org/4362"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/8342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12824"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-06 05:00
Modified
2024-11-20 23:48
Severity ?
Summary
The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote attackers to bypass the mobile code filtering. NOTE: it has been disputed by the vendor that this behavior is required by the SSL specification.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:5.0.590.015:*:pro:*:*:*:*:*",
"matchCriteriaId": "50E6E82F-5197-46D1-A0DE-F105177288C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote attackers to bypass the mobile code filtering. NOTE: it has been disputed by the vendor that this behavior is required by the SSL specification."
},
{
"lang": "es",
"value": "El filtro de C\u00f3digo M\u00f3vil en ZoneAlarm PRO 5.0.590.015 no filtra c\u00f3digo m\u00f3vil dentro de una sesi\u00f3n SSL cifrada, lo que podr\u00eda permitir a un atacanter remoto saltarse el filtrado de c\u00f3digo m\u00f3vil. NOTA: El vendedor ha manifestado que esta conducta es requerida por la especificaci\u00f3n SLL."
}
],
"id": "CVE-2004-0612",
"lastModified": "2024-11-20T23:48:58.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2004-12-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0420.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108786444608208\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/10584"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0420.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108786444608208\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/10584"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16471"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-02 22:19
Modified
2024-11-21 00:30
Severity ?
Summary
ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service (system crash) by sending malformed data to the vsdatant device driver, which causes an invalid memory access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:6.1.744.001:*:pro:*:*:*:*:*",
"matchCriteriaId": "08250383-8542-45E2-83DE-DBC96777BAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:6.5.737.000:*:pro:*:*:*:*:*",
"matchCriteriaId": "E440FCAA-882A-4235-9CAF-796ABFD592B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service (system crash) by sending malformed data to the vsdatant device driver, which causes an invalid memory access."
},
{
"lang": "es",
"value": "ZoneAlarm Pro 6.5.737.000, 6.1.744.001, y posiblemente versiones anteriores y otros productos, permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) enviando informaci\u00f3n mal formada al controlador de dispositivo vsdatant, lo cual provoca un acceso inv\u00e1lido a memoria."
}
],
"id": "CVE-2007-2467",
"lastModified": "2024-11-21T00:30:51.763",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-02T22:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35240"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25064"
},
{
"source": "cve@mitre.org",
"url": "http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-validation-of-vsdatant-driver-input-buffer.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/467269/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23734"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1608"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-validation-of-vsdatant-driver-input-buffer.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/467269/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34028"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-04-14 04:00
Modified
2024-11-20 23:52
Severity ?
Summary
ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachments whose names contain certain non-English characters.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.4:*:pro:*:*:*:*:*",
"matchCriteriaId": "161A802C-60DE-4A8E-BDBA-771C3123AEBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:2.6:*:pro:*:*:*:*:*",
"matchCriteriaId": "2F35E472-2E14-4F37-9D2C-BFBA543184AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:3.0:*:pro:*:*:*:*:*",
"matchCriteriaId": "B3FA13D7-D421-4B5D-B0ED-11BA501638CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:3.1:*:pro:*:*:*:*:*",
"matchCriteriaId": "C114E941-4170-4D71-96B2-1E7DF234358A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:4.0:*:plus:*:*:*:*:*",
"matchCriteriaId": "1A125DEF-6DE6-41FE-BD43-DA464DB14389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:4.0:*:pro:*:*:*:*:*",
"matchCriteriaId": "721EFD0A-145F-440C-A9FC-D72AE6FA126A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:4.5:*:pro:*:*:*:*:*",
"matchCriteriaId": "C5DE7D02-A778-47EF-9D3E-871C3EB09370",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:4.5.538.001:*:plus:*:*:*:*:*",
"matchCriteriaId": "80F0E511-A595-4C00-BC96-B4D97E2D7B0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:4.5.538.001:*:pro:*:*:*:*:*",
"matchCriteriaId": "F234D3E4-FD8B-4203-A8E4-17B15ECB0AE4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachments whose names contain certain non-English characters."
}
],
"id": "CVE-2004-1936",
"lastModified": "2024-11-20T23:52:05.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-04-14T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108206751931251\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108248415509417\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/10148"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108206751931251\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108248415509417\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/10148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15884"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-24 04:00
Modified
2024-11-20 23:57
Severity ?
Summary
Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | etrust_antivirus | 6.0 | |
| broadcom | etrust_antivirus | 7.0 | |
| broadcom | etrust_antivirus | 7.1 | |
| broadcom | etrust_antivirus_ee | 6.0 | |
| broadcom | etrust_antivirus_ee | 7.0 | |
| broadcom | etrust_ez_armor | 1.0 | |
| broadcom | etrust_ez_armor | 2.0 | |
| broadcom | etrust_ez_armor | 2.3 | |
| broadcom | etrust_ez_armor | 2.4 | |
| broadcom | etrust_ez_armor | 2.4.4 | |
| broadcom | etrust_ez_armor_le | 2.0 | |
| broadcom | etrust_ez_armor_le | 3.0.0.14 | |
| broadcom | etrust_intrusion_detection | 1.4.1.13 | |
| broadcom | etrust_intrusion_detection | 1.4.5 | |
| broadcom | etrust_intrusion_detection | 1.5 | |
| broadcom | etrust_intrusion_detection | 3.0 | |
| broadcom | etrust_secure_content_manager | 1.0 | |
| broadcom | etrust_secure_content_manager | 1.1 | |
| broadcom | inoculateit | 6.0 | |
| ca | brightstor_arcserve_backup | 11.1 | |
| ca | etrust_antivirus | 7.0 | |
| ca | etrust_antivirus | 7.0_sp2 | |
| ca | etrust_antivirus | 7.1 | |
| ca | etrust_intrusion_detection | 3.0 | |
| ca | etrust_secure_content_manager | 1.0 | |
| ca | vet_antivirus | 10.66 | |
| zonelabs | zonealarm | * | |
| zonelabs | zonealarm_antivirus | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C7E6F7CD-745B-40A3-97E1-7F2127F257D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB32FD77-F67F-4D62-B9F1-46F4569ACBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A08C715-A351-466D-99EC-006C106A3366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_ee:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3E22BC0B-8EDE-42A8-83C8-042527239671",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_ee:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8E9674-8578-4757-AC1E-F91A226A43FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "714BCFBA-B843-4C14-AA78-F7CF17899D28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C61D9546-7619-465B-B3CA-C60218CD574B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "95B192C7-1FC3-4D18-A17F-E3414BF56713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "217ED722-3ECD-47B5-8AB3-E1789675D1C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6E9E5743-8B07-481A-B647-744DA615F779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor_le:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74FE5C87-46B1-471F-A187-45399A00DBF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor_le:3.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "6DD6F73B-C8C0-47DE-BDC5-243712892AE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "511E44CE-86E6-4777-9AEC-9C9A5DA2FAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B65AC50D-032F-4D8E-AC46-6AD69AC4B16F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F12F09-BFCC-430B-BDC0-38643E90C10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3DDF2EE3-753B-4C7E-84EF-144FA5986A21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9F9A7A-CC5E-42FD-87F7-4E7473A903D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69184A5E-4FA9-4896-B6E8-1B9D4D62D099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE9329-AA34-4F56-B4BE-B028F021173B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "9E11A387-BF4A-4A54-8F29-37EFF14D72DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_antivirus:7.0:*:gateway:*:*:*:*:*",
"matchCriteriaId": "B138DD19-1453-4167-A88A-EC861E4BBAA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "37BDDF08-C3D9-4714-91CB-F865BBF9FCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_antivirus:7.1:*:gateway:*:*:*:*:*",
"matchCriteriaId": "9A36A178-36EB-4A90-AC52-B98C2DE20011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D10B864B-AA39-4702-A42B-F33BAF2D8059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5005F6FB-8808-4FA0-9EFF-F50A94419E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:vet_antivirus:10.66:*:*:*:*:*:*:*",
"matchCriteriaId": "6D5CB7EE-225A-4356-BDAF-F7F41BD7C150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15B8B67A-6F75-4176-A6A5-E2F695F52C5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC159EA2-7A06-4C5B-85D7-00EE6ABE8033",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow."
}
],
"id": "CVE-2005-1693",
"lastModified": "2024-11-20T23:57:54.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://crm.my-etrust.com/login.asp?username=guest\u0026target=DOCUMENT\u0026openparameter=1588"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=111686576416450\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/15470"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/15479"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1014050"
},
{
"source": "cve@mitre.org",
"url": "http://www.rem0te.com/public/images/vet.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/13710"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://crm.my-etrust.com/login.asp?username=guest\u0026target=DOCUMENT\u0026openparameter=1588"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=111686576416450\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/15470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/15479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1014050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.rem0te.com/public/images/vet.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/13710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-01-19 01:28
Modified
2024-11-21 00:25
Severity ?
Summary
Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privileges of a previous system user, possibly related to user profile unload failure. NOTE: it is not clear whether this is an issue in Windows itself, or an interaction with another product. The issue might involve ZoneAlarm not being able to terminate processes when it cannot prompt the user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows_2003_server | r2 | |
| microsoft | windows_xp | * | |
| zonelabs | zonealarm | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "4E7FD818-322D-4089-A644-360C33943D29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*",
"matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zonelabs:zonealarm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15B8B67A-6F75-4176-A6A5-E2F695F52C5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privileges of a previous system user, possibly related to user profile unload failure. NOTE: it is not clear whether this is an issue in Windows itself, or an interaction with another product. The issue might involve ZoneAlarm not being able to terminate processes when it cannot prompt the user."
},
{
"lang": "es",
"value": "Microsoft Windows XP y Windows Server 2003 no manejan apropiadamente el cierre de sesi\u00f3n del usuario, lo que podr\u00eda permitir a los usuarios locales conseguir los privilegios de un usuario de sistema anterior, posiblemente relacionados con el error de descarga del perfil de usuario. NOTA: no est\u00e1 claro si esto es un problema en Windows en s\u00ed, o una interacci\u00f3n con otro producto. El problema puede implicar que ZoneAlarm no pueda terminar los procesos cuando no pueda hacer una petici\u00f3n al usuario."
}
],
"id": "CVE-2007-0351",
"lastModified": "2024-11-21T00:25:38.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-01-19T01:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/457167/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/457217/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/457340/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/457807/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/459838/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/457167/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/457217/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/457340/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/457807/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/459838/100/0/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2002-1997
Vulnerability from cvelistv5
Published
2005-07-14 04:00
Modified
2024-08-08 03:43
Severity ?
EPSS score ?
Summary
ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/265387 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/4407 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/8744 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:33.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020402 Various Vulnerabilities in ZoneAlarm MailSafe",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/265387"
},
{
"name": "4407",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4407"
},
{
"name": "zonealarm-mailsafe-dot-bypass(8744)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8744"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-04-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020402 Various Vulnerabilities in ZoneAlarm MailSafe",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/265387"
},
{
"name": "4407",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4407"
},
{
"name": "zonealarm-mailsafe-dot-bypass(8744)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8744"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020402 Various Vulnerabilities in ZoneAlarm MailSafe",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/265387"
},
{
"name": "4407",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4407"
},
{
"name": "zonealarm-mailsafe-dot-bypass(8744)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8744"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1997",
"datePublished": "2005-07-14T04:00:00",
"dateReserved": "2005-07-14T00:00:00",
"dateUpdated": "2024-08-08T03:43:33.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2083
Vulnerability from cvelistv5
Published
2007-04-18 02:20
Modified
2024-08-07 13:23
Severity ?
EPSS score ?
Summary
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/465868/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/2591 | third-party-advisory, x_refsource_SREASON | |
| http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33664 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/35239 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:23:50.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070415 ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/465868/100/0/threaded"
},
{
"name": "2591",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2591"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "zonealarm-vsdatant-dos(33664)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33664"
},
{
"name": "35239",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35239"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070415 ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/465868/100/0/threaded"
},
{
"name": "2591",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2591"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "zonealarm-vsdatant-dos(33664)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33664"
},
{
"name": "35239",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35239"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2083",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070415 ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/465868/100/0/threaded"
},
{
"name": "2591",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2591"
},
{
"name": "http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "zonealarm-vsdatant-dos(33664)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33664"
},
{
"name": "35239",
"refsource": "OSVDB",
"url": "http://osvdb.org/35239"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2083",
"datePublished": "2007-04-18T02:20:00",
"dateReserved": "2007-04-17T00:00:00",
"dateUpdated": "2024-08-07T13:23:50.550Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3560
Vulnerability from cvelistv5
Published
2005-11-16 07:37
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/15347 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/20677 | vdb-entry, x_refsource_OSVDB | |
| http://securityreason.com/securityalert/155 | third-party-advisory, x_refsource_SREASON | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/22971 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/415968 | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/17450 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "15347",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15347"
},
{
"name": "20677",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20677"
},
{
"name": "155",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/155"
},
{
"name": "zonealarm-showhtmldialog-obtain-information(22971)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22971"
},
{
"name": "20051107 Zone Labs Products Advance Program Control and OS Firewall (Behavioral Based) Technology Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/415968"
},
{
"name": "17450",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17450"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the \"Advanced Program Control and OS Firewall filters\" setting via URLs in \"HTML Modal Dialogs\" (window.location.href) contained within JavaScript tags."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "15347",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15347"
},
{
"name": "20677",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20677"
},
{
"name": "155",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/155"
},
{
"name": "zonealarm-showhtmldialog-obtain-information(22971)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22971"
},
{
"name": "20051107 Zone Labs Products Advance Program Control and OS Firewall (Behavioral Based) Technology Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/415968"
},
{
"name": "17450",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17450"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3560",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the \"Advanced Program Control and OS Firewall filters\" setting via URLs in \"HTML Modal Dialogs\" (window.location.href) contained within JavaScript tags."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15347",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15347"
},
{
"name": "20677",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20677"
},
{
"name": "155",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/155"
},
{
"name": "zonealarm-showhtmldialog-obtain-information(22971)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22971"
},
{
"name": "20051107 Zone Labs Products Advance Program Control and OS Firewall (Behavioral Based) Technology Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/415968"
},
{
"name": "17450",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17450"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3560",
"datePublished": "2005-11-16T07:37:00",
"dateReserved": "2005-11-16T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1309
Vulnerability from cvelistv5
Published
2006-11-30 16:00
Modified
2024-08-08 02:19
Severity ?
EPSS score ?
Summary
The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack").
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/4362 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/8342 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/12824 | vdb-entry, x_refsource_XF | |
| http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html | x_refsource_CONFIRM | |
| http://sec-labs.hack.pl/papers/win32ddc.php | x_refsource_MISC | |
| http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt | x_refsource_MISC | |
| http://www.osvdb.org/2375 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/9459 | third-party-advisory, x_refsource_SECUNIA | |
| http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html | mailing-list, x_refsource_VULNWATCH |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:19:46.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4362",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4362"
},
{
"name": "8342",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8342"
},
{
"name": "device-driver-gain-privileges(12824)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12824"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sec-labs.hack.pl/papers/win32ddc.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt"
},
{
"name": "2375",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/2375"
},
{
"name": "9459",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9459"
},
{
"name": "20030805 Local ZoneAlarm Firewall (probably all versions - tested on v3.1)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-08-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka \"Device Driver Attack\")."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4362",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4362"
},
{
"name": "8342",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8342"
},
{
"name": "device-driver-gain-privileges(12824)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12824"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sec-labs.hack.pl/papers/win32ddc.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt"
},
{
"name": "2375",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/2375"
},
{
"name": "9459",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9459"
},
{
"name": "20030805 Local ZoneAlarm Firewall (probably all versions - tested on v3.1)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1309",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka \"Device Driver Attack\")."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4362",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4362"
},
{
"name": "8342",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8342"
},
{
"name": "device-driver-gain-privileges(12824)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12824"
},
{
"name": "http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html",
"refsource": "CONFIRM",
"url": "http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html"
},
{
"name": "http://sec-labs.hack.pl/papers/win32ddc.php",
"refsource": "MISC",
"url": "http://sec-labs.hack.pl/papers/win32ddc.php"
},
{
"name": "http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt",
"refsource": "MISC",
"url": "http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt"
},
{
"name": "2375",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/2375"
},
{
"name": "9459",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9459"
},
{
"name": "20030805 Local ZoneAlarm Firewall (probably all versions - tested on v3.1)",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1309",
"datePublished": "2006-11-30T16:00:00",
"dateReserved": "2006-11-30T00:00:00",
"dateUpdated": "2024-08-08T02:19:46.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1936
Vulnerability from cvelistv5
Published
2005-05-10 04:00
Modified
2024-08-08 01:07
Severity ?
EPSS score ?
Summary
ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachments whose names contain certain non-English characters.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/10148 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/15884 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=108248415509417&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://marc.info/?l=bugtraq&m=108206751931251&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:07:49.115Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10148",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10148"
},
{
"name": "zonealarm-email-bypass-security(15884)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15884"
},
{
"name": "20040420 Re: ZA Security Hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108248415509417\u0026w=2"
},
{
"name": "20040414 ZA Security Hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108206751931251\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachments whose names contain certain non-English characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10148",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10148"
},
{
"name": "zonealarm-email-bypass-security(15884)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15884"
},
{
"name": "20040420 Re: ZA Security Hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108248415509417\u0026w=2"
},
{
"name": "20040414 ZA Security Hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108206751931251\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1936",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachments whose names contain certain non-English characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10148"
},
{
"name": "zonealarm-email-bypass-security(15884)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15884"
},
{
"name": "20040420 Re: ZA Security Hole",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108248415509417\u0026w=2"
},
{
"name": "20040414 ZA Security Hole",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108206751931251\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1936",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:07:49.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0339
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000421044123.2353.qmail%40securityfocus.com | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/1294 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/1137 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000420 ZoneAlarm",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000421044123.2353.qmail%40securityfocus.com"
},
{
"name": "1294",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1294"
},
{
"name": "1137",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000420 ZoneAlarm",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000421044123.2353.qmail%40securityfocus.com"
},
{
"name": "1294",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1294"
},
{
"name": "1137",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1137"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0339",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000420 ZoneAlarm",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000421044123.2353.qmail@securityfocus.com"
},
{
"name": "1294",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1294"
},
{
"name": "1137",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1137"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0339",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-05-11T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1534
Vulnerability from cvelistv5
Published
2005-02-19 05:00
Modified
2024-08-08 00:53
Severity ?
EPSS score ?
Summary
ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/13244/ | third-party-advisory, x_refsource_SECUNIA | |
| http://marc.info/?l=bugtraq&m=110088808402495&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://download.zonelabs.com/bin/free/securityAlert/18.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/11706 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18159 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:53:24.110Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13244",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13244/"
},
{
"name": "20041118 Zone Labs Ad-Blocking Instability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110088808402495\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.zonelabs.com/bin/free/securityAlert/18.html"
},
{
"name": "11706",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11706"
},
{
"name": "zonealarm-adblock-dos(18159)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18159"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13244",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13244/"
},
{
"name": "20041118 Zone Labs Ad-Blocking Instability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110088808402495\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.zonelabs.com/bin/free/securityAlert/18.html"
},
{
"name": "11706",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11706"
},
{
"name": "zonealarm-adblock-dos(18159)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18159"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1534",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13244",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13244/"
},
{
"name": "20041118 Zone Labs Ad-Blocking Instability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110088808402495\u0026w=2"
},
{
"name": "http://download.zonelabs.com/bin/free/securityAlert/18.html",
"refsource": "CONFIRM",
"url": "http://download.zonelabs.com/bin/free/securityAlert/18.html"
},
{
"name": "11706",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11706"
},
{
"name": "zonealarm-adblock-dos(18159)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18159"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1534",
"datePublished": "2005-02-19T05:00:00",
"dateReserved": "2005-02-18T00:00:00",
"dateUpdated": "2024-08-08T00:53:24.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0309
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 00:17
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote attackers to execute arbitrary code via a long RCPT TO argument.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/3991 | vdb-entry, x_refsource_OSVDB | |
| http://download.zonelabs.com/bin/free/securityAlert/8.html | x_refsource_CONFIRM | |
| http://marc.info/?l=bugtraq&m=107722656827427&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/9696 | vdb-entry, x_refsource_BID | |
| http://www.kb.cert.org/vuls/id/619982 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.ciac.org/ciac/bulletins/o-084.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/14991 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3991",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3991"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.zonelabs.com/bin/free/securityAlert/8.html"
},
{
"name": "20040219 EEYE: ZoneLabs SMTP Processing Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107722656827427\u0026w=2"
},
{
"name": "9696",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9696"
},
{
"name": "VU#619982",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/619982"
},
{
"name": "O-084",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-084.shtml"
},
{
"name": "zonelabs-multiple-products-bo(14991)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14991"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-02-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote attackers to execute arbitrary code via a long RCPT TO argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3991",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3991"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.zonelabs.com/bin/free/securityAlert/8.html"
},
{
"name": "20040219 EEYE: ZoneLabs SMTP Processing Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107722656827427\u0026w=2"
},
{
"name": "9696",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9696"
},
{
"name": "VU#619982",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/619982"
},
{
"name": "O-084",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-084.shtml"
},
{
"name": "zonelabs-multiple-products-bo(14991)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14991"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0309",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote attackers to execute arbitrary code via a long RCPT TO argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3991",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3991"
},
{
"name": "http://download.zonelabs.com/bin/free/securityAlert/8.html",
"refsource": "CONFIRM",
"url": "http://download.zonelabs.com/bin/free/securityAlert/8.html"
},
{
"name": "20040219 EEYE: ZoneLabs SMTP Processing Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107722656827427\u0026w=2"
},
{
"name": "9696",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9696"
},
{
"name": "VU#619982",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/619982"
},
{
"name": "O-084",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-084.shtml"
},
{
"name": "zonelabs-multiple-products-bo(14991)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14991"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0309",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1911
Vulnerability from cvelistv5
Published
2005-06-28 04:00
Modified
2024-09-17 02:48
Severity ?
EPSS score ?
Summary
ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/5975 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2002-10/0238.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/295434 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.iss.net/security_center/static/10379.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:43:33.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5975",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5975"
},
{
"name": "20021017 Re: NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0238.html"
},
{
"name": "20021016 NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/295434"
},
{
"name": "zonealarm-synflood-dos(10379)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10379.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-28T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5975",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5975"
},
{
"name": "20021017 Re: NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0238.html"
},
{
"name": "20021016 NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/295434"
},
{
"name": "zonealarm-synflood-dos(10379)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10379.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5975",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5975"
},
{
"name": "20021017 Re: NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0238.html"
},
{
"name": "20021016 NSSI-2002-zonealarm3: ZoneAlarm Pro Denial of Service Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/295434"
},
{
"name": "zonealarm-synflood-dos(10379)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10379.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1911",
"datePublished": "2005-06-28T04:00:00Z",
"dateReserved": "2005-06-28T04:00:00Z",
"dateUpdated": "2024-09-17T02:48:09.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5044
Vulnerability from cvelistv5
Published
2007-09-24 00:00
Modified
2024-08-07 15:17
Severity ?
EPSS score ?
Summary
ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreatePort and (2) NtDeleteFile kernel SSDT hooks, a partial regression of CVE-2007-2083.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securityreason.com/securityalert/3161 | third-party-advisory, x_refsource_SREASON | |
| http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php | x_refsource_MISC | |
| http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/479830/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/45898 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.002Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3161",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
},
{
"name": "45898",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/45898"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreatePort and (2) NtDeleteFile kernel SSDT hooks, a partial regression of CVE-2007-2083."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3161",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
},
{
"name": "45898",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/45898"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5044",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreatePort and (2) NtDeleteFile kernel SSDT hooks, a partial regression of CVE-2007-2083."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3161",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3161"
},
{
"name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
},
{
"name": "45898",
"refsource": "OSVDB",
"url": "http://osvdb.org/45898"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5044",
"datePublished": "2007-09-24T00:00:00",
"dateReserved": "2007-09-23T00:00:00",
"dateUpdated": "2024-08-07T15:17:28.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0612
Vulnerability from cvelistv5
Published
2004-06-30 04:00
Modified
2024-08-08 00:24
Severity ?
EPSS score ?
Summary
The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote attackers to bypass the mobile code filtering. NOTE: it has been disputed by the vendor that this behavior is required by the SSL specification.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=108786444608208&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16471 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2004-06/0420.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/10584 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040621 ZoneAlarm Pro \u0027Mobile Code\u0027 Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108786444608208\u0026w=2"
},
{
"name": "zonealarm-mobile-code-bypass(16471)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16471"
},
{
"name": "20040625 Zone Labs response to \"ZoneAlarm Pro \u0027Mobile Code\u0027 Bypass Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0420.html"
},
{
"name": "10584",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10584"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote attackers to bypass the mobile code filtering. NOTE: it has been disputed by the vendor that this behavior is required by the SSL specification."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040621 ZoneAlarm Pro \u0027Mobile Code\u0027 Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108786444608208\u0026w=2"
},
{
"name": "zonealarm-mobile-code-bypass(16471)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16471"
},
{
"name": "20040625 Zone Labs response to \"ZoneAlarm Pro \u0027Mobile Code\u0027 Bypass Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0420.html"
},
{
"name": "10584",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10584"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote attackers to bypass the mobile code filtering. NOTE: it has been disputed by the vendor that this behavior is required by the SSL specification."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040621 ZoneAlarm Pro \u0027Mobile Code\u0027 Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108786444608208\u0026w=2"
},
{
"name": "zonealarm-mobile-code-bypass(16471)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16471"
},
{
"name": "20040625 Zone Labs response to \"ZoneAlarm Pro \u0027Mobile Code\u0027 Bypass Vulnerability\"",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0420.html"
},
{
"name": "10584",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10584"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0612",
"datePublished": "2004-06-30T04:00:00",
"dateReserved": "2004-06-29T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0351
Vulnerability from cvelistv5
Published
2007-01-19 01:00
Modified
2024-08-07 12:12
Severity ?
EPSS score ?
Summary
Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privileges of a previous system user, possibly related to user profile unload failure. NOTE: it is not clear whether this is an issue in Windows itself, or an interaction with another product. The issue might involve ZoneAlarm not being able to terminate processes when it cannot prompt the user.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/457217/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/457167/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/457807/100/200/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/459838/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/457340/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:12:18.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070117 Re: Windows logoff bug possible security vulnerability and exploit.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/457217/100/0/threaded"
},
{
"name": "20070117 Windows logoff bug possible security vulnerability and exploit.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/457167/100/0/threaded"
},
{
"name": "20070123 Re: Windows logoff bug possible security vulnerability and exploit.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/457807/100/200/threaded"
},
{
"name": "20070211 Windows logoff bug solution possibly.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/459838/100/0/threaded"
},
{
"name": "20070118 Re: Windows logoff bug possible security vulnerability and exploit.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/457340/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privileges of a previous system user, possibly related to user profile unload failure. NOTE: it is not clear whether this is an issue in Windows itself, or an interaction with another product. The issue might involve ZoneAlarm not being able to terminate processes when it cannot prompt the user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070117 Re: Windows logoff bug possible security vulnerability and exploit.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/457217/100/0/threaded"
},
{
"name": "20070117 Windows logoff bug possible security vulnerability and exploit.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/457167/100/0/threaded"
},
{
"name": "20070123 Re: Windows logoff bug possible security vulnerability and exploit.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/457807/100/200/threaded"
},
{
"name": "20070211 Windows logoff bug solution possibly.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/459838/100/0/threaded"
},
{
"name": "20070118 Re: Windows logoff bug possible security vulnerability and exploit.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/457340/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privileges of a previous system user, possibly related to user profile unload failure. NOTE: it is not clear whether this is an issue in Windows itself, or an interaction with another product. The issue might involve ZoneAlarm not being able to terminate processes when it cannot prompt the user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070117 Re: Windows logoff bug possible security vulnerability and exploit.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457217/100/0/threaded"
},
{
"name": "20070117 Windows logoff bug possible security vulnerability and exploit.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457167/100/0/threaded"
},
{
"name": "20070123 Re: Windows logoff bug possible security vulnerability and exploit.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457807/100/200/threaded"
},
{
"name": "20070211 Windows logoff bug solution possibly.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459838/100/0/threaded"
},
{
"name": "20070118 Re: Windows logoff bug possible security vulnerability and exploit.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457340/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0351",
"datePublished": "2007-01-19T01:00:00",
"dateReserved": "2007-01-18T00:00:00",
"dateUpdated": "2024-08-07T12:12:18.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0220
Vulnerability from cvelistv5
Published
2000-03-22 05:00
Modified
2024-08-08 05:05
Severity ?
EPSS score ?
Summary
ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0220 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:54.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0220"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-02-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T08:23:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0220"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0220",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0220"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0220",
"datePublished": "2000-03-22T05:00:00",
"dateReserved": "2000-03-22T00:00:00",
"dateUpdated": "2024-08-08T05:05:54.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-1548
Vulnerability from cvelistv5
Published
2005-07-14 04:00
Modified
2024-09-17 02:41
Severity ?
EPSS score ?
Summary
ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/3647 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/security_center/static/7671.php | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2001-12/0065.html | mailing-list, x_refsource_BUGTRAQ | |
| http://archives.neohapsis.com/archives/bugtraq/2001-12/0056.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:58:11.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3647",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3647"
},
{
"name": "zonealarm-tiny-bypass-filter(7671)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7671.php"
},
{
"name": "20011206 Re: Flawed outbound packet filtering in various personal firewalls",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0065.html"
},
{
"name": "20011205 Flawed outbound packet filtering in various personal firewalls",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0056.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-07-14T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3647",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3647"
},
{
"name": "zonealarm-tiny-bypass-filter(7671)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7671.php"
},
{
"name": "20011206 Re: Flawed outbound packet filtering in various personal firewalls",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0065.html"
},
{
"name": "20011205 Flawed outbound packet filtering in various personal firewalls",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0056.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3647",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3647"
},
{
"name": "zonealarm-tiny-bypass-filter(7671)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7671.php"
},
{
"name": "20011206 Re: Flawed outbound packet filtering in various personal firewalls",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0065.html"
},
{
"name": "20011205 Flawed outbound packet filtering in various personal firewalls",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-12/0056.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1548",
"datePublished": "2005-07-14T04:00:00Z",
"dateReserved": "2005-07-14T00:00:00Z",
"dateUpdated": "2024-09-17T02:41:54.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-0682
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
EPSS score ?
Summary
ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=ntbugtraq&m=97818917222992&w=2 | mailing-list, x_refsource_NTBUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/5821 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:06.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20001230 [DiamondCS Advisory] ZoneAlarm and ZoneAlarm Pro can be blocked from loading by setting a Mutex in memory",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=97818917222992\u0026w=2"
},
{
"name": "zonealarm-mutex-dos(5821)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5821"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-12-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20001230 [DiamondCS Advisory] ZoneAlarm and ZoneAlarm Pro can be blocked from loading by setting a Mutex in memory",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=97818917222992\u0026w=2"
},
{
"name": "zonealarm-mutex-dos(5821)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5821"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0682",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20001230 [DiamondCS Advisory] ZoneAlarm and ZoneAlarm Pro can be blocked from loading by setting a Mutex in memory",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=97818917222992\u0026w=2"
},
{
"name": "zonealarm-mutex-dos(5821)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5821"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0682",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-29T00:00:00",
"dateUpdated": "2024-08-08T04:30:06.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0114
Vulnerability from cvelistv5
Published
2005-02-11 05:00
Modified
2024-08-07 21:05
Severity ?
EPSS score ?
Summary
vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer.
References
| ▼ | URL | Tags |
|---|---|---|
| http://download.zonelabs.com/bin/free/securityAlert/19.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/14256 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/12531 | vdb-entry, x_refsource_BID | |
| http://www.idefense.com/application/poi/display?id=199&type=vulnerabilities | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:23.851Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.zonelabs.com/bin/free/securityAlert/19.html"
},
{
"name": "14256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14256"
},
{
"name": "12531",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12531"
},
{
"name": "20050211 ZoneAlarm 5.1 Invalid Pointer Dereference Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=199\u0026type=vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-17T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.zonelabs.com/bin/free/securityAlert/19.html"
},
{
"name": "14256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14256"
},
{
"name": "12531",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12531"
},
{
"name": "20050211 ZoneAlarm 5.1 Invalid Pointer Dereference Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=199\u0026type=vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://download.zonelabs.com/bin/free/securityAlert/19.html",
"refsource": "CONFIRM",
"url": "http://download.zonelabs.com/bin/free/securityAlert/19.html"
},
{
"name": "14256",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14256"
},
{
"name": "12531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12531"
},
{
"name": "20050211 ZoneAlarm 5.1 Invalid Pointer Dereference Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=199\u0026type=vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0114",
"datePublished": "2005-02-11T05:00:00",
"dateReserved": "2005-01-18T00:00:00",
"dateUpdated": "2024-08-07T21:05:23.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-1693
Vulnerability from cvelistv5
Published
2005-05-24 04:00
Modified
2024-08-07 21:59
Severity ?
EPSS score ?
Summary
Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896 | x_refsource_MISC | |
| http://marc.info/?l=bugtraq&m=111686576416450&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://securitytracker.com/id?1014050 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/15470 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.rem0te.com/public/images/vet.pdf | x_refsource_MISC | |
| http://www.securityfocus.com/bid/13710 | vdb-entry, x_refsource_BID | |
| http://crm.my-etrust.com/login.asp?username=guest&target=DOCUMENT&openparameter=1588 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/15479 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:59:24.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896"
},
{
"name": "20050523 Computer Associates Vet Antivirus Library Remote Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111686576416450\u0026w=2"
},
{
"name": "1014050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014050"
},
{
"name": "15470",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15470"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rem0te.com/public/images/vet.pdf"
},
{
"name": "13710",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13710"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://crm.my-etrust.com/login.asp?username=guest\u0026target=DOCUMENT\u0026openparameter=1588"
},
{
"name": "15479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15479"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896"
},
{
"name": "20050523 Computer Associates Vet Antivirus Library Remote Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111686576416450\u0026w=2"
},
{
"name": "1014050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014050"
},
{
"name": "15470",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15470"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rem0te.com/public/images/vet.pdf"
},
{
"name": "13710",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13710"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://crm.my-etrust.com/login.asp?username=guest\u0026target=DOCUMENT\u0026openparameter=1588"
},
{
"name": "15479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15479"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1693",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896",
"refsource": "MISC",
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896"
},
{
"name": "20050523 Computer Associates Vet Antivirus Library Remote Heap Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111686576416450\u0026w=2"
},
{
"name": "1014050",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014050"
},
{
"name": "15470",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15470"
},
{
"name": "http://www.rem0te.com/public/images/vet.pdf",
"refsource": "MISC",
"url": "http://www.rem0te.com/public/images/vet.pdf"
},
{
"name": "13710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13710"
},
{
"name": "http://crm.my-etrust.com/login.asp?username=guest\u0026target=DOCUMENT\u0026openparameter=1588",
"refsource": "CONFIRM",
"url": "http://crm.my-etrust.com/login.asp?username=guest\u0026target=DOCUMENT\u0026openparameter=1588"
},
{
"name": "15479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15479"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1693",
"datePublished": "2005-05-24T04:00:00",
"dateReserved": "2005-05-24T00:00:00",
"dateUpdated": "2024-08-07T21:59:24.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-2713
Vulnerability from cvelistv5
Published
2007-10-06 21:00
Modified
2024-08-08 01:36
Severity ?
EPSS score ?
Summary
Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissions. NOTE: this issue has been disputed by the vendor, who claims that it does not affect product functionality since the same information is also saved in a protected file
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2004-08/0389.html | mailing-list, x_refsource_BUGTRAQ | |
| http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0883.html | mailing-list, x_refsource_FULLDISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17099 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0933.html | mailing-list, x_refsource_FULLDISC | |
| http://www.osvdb.org/9761 | vdb-entry, x_refsource_OSVDB | |
| http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0871.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040825 Check Point - Zone Labs Division - Response to \"Weak Default Permissions Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-08/0389.html"
},
{
"name": "20040820 Re: Unsecure file permission of ZoneAlarm pro.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0883.html"
},
{
"name": "zonealarm-insecure-file-permission(17099)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17099"
},
{
"name": "20040821 Re: Unsecure file permission of ZoneAlarm pro.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0933.html"
},
{
"name": "9761",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/9761"
},
{
"name": "20040819 Unsecure file permission of ZoneAlarm pro.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0871.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\\Internet Logs\\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissions. NOTE: this issue has been disputed by the vendor, who claims that it does not affect product functionality since the same information is also saved in a protected file"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040825 Check Point - Zone Labs Division - Response to \"Weak Default Permissions Vulnerability\"",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-08/0389.html"
},
{
"name": "20040820 Re: Unsecure file permission of ZoneAlarm pro.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0883.html"
},
{
"name": "zonealarm-insecure-file-permission(17099)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17099"
},
{
"name": "20040821 Re: Unsecure file permission of ZoneAlarm pro.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0933.html"
},
{
"name": "9761",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/9761"
},
{
"name": "20040819 Unsecure file permission of ZoneAlarm pro.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0871.html"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2713",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\\Internet Logs\\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissions. NOTE: this issue has been disputed by the vendor, who claims that it does not affect product functionality since the same information is also saved in a protected file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040825 Check Point - Zone Labs Division - Response to \"Weak Default Permissions Vulnerability\"",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-08/0389.html"
},
{
"name": "20040820 Re: Unsecure file permission of ZoneAlarm pro.",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0883.html"
},
{
"name": "zonealarm-insecure-file-permission(17099)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17099"
},
{
"name": "20040821 Re: Unsecure file permission of ZoneAlarm pro.",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0933.html"
},
{
"name": "9761",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/9761"
},
{
"name": "20040819 Unsecure file permission of ZoneAlarm pro.",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0871.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2713",
"datePublished": "2007-10-06T21:00:00",
"dateReserved": "2007-10-06T00:00:00",
"dateUpdated": "2024-08-08T01:36:25.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2467
Vulnerability from cvelistv5
Published
2007-05-02 22:00
Modified
2024-08-07 13:42
Severity ?
EPSS score ?
Summary
ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service (system crash) by sending malformed data to the vsdatant device driver, which causes an invalid memory access.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/23734 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2007/1608 | vdb-entry, x_refsource_VUPEN | |
| http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-validation-of-vsdatant-driver-input-buffer.php | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34028 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/35240 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/467269/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/25064 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:32.293Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "23734",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23734"
},
{
"name": "ADV-2007-1608",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1608"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-validation-of-vsdatant-driver-input-buffer.php"
},
{
"name": "zonealarm-vsdatant-inputbuffer-dos(34028)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34028"
},
{
"name": "35240",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35240"
},
{
"name": "20070501 ZoneAlarm Insufficient validation of \u0027vsdatant\u0027 driver input buffer Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/467269/100/0/threaded"
},
{
"name": "25064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25064"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service (system crash) by sending malformed data to the vsdatant device driver, which causes an invalid memory access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "23734",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23734"
},
{
"name": "ADV-2007-1608",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1608"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-validation-of-vsdatant-driver-input-buffer.php"
},
{
"name": "zonealarm-vsdatant-inputbuffer-dos(34028)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34028"
},
{
"name": "35240",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35240"
},
{
"name": "20070501 ZoneAlarm Insufficient validation of \u0027vsdatant\u0027 driver input buffer Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/467269/100/0/threaded"
},
{
"name": "25064",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25064"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2467",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service (system crash) by sending malformed data to the vsdatant device driver, which causes an invalid memory access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "23734",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23734"
},
{
"name": "ADV-2007-1608",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1608"
},
{
"name": "http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-validation-of-vsdatant-driver-input-buffer.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-validation-of-vsdatant-driver-input-buffer.php"
},
{
"name": "zonealarm-vsdatant-inputbuffer-dos(34028)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34028"
},
{
"name": "35240",
"refsource": "OSVDB",
"url": "http://osvdb.org/35240"
},
{
"name": "20070501 ZoneAlarm Insufficient validation of \u0027vsdatant\u0027 driver input buffer Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467269/100/0/threaded"
},
{
"name": "25064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25064"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2467",
"datePublished": "2007-05-02T22:00:00",
"dateReserved": "2007-05-02T00:00:00",
"dateUpdated": "2024-08-07T13:42:32.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-1373
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 04:51
Severity ?
EPSS score ?
Summary
MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.zonelabs.com/products/zap/rel_history.html#2.6.362 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/6877 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/197681 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/3055 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.zonelabs.com/products/zap/rel_history.html#2.6.362"
},
{
"name": "zonealarm-bypass-mailsafe(6877)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6877"
},
{
"name": "20010718 ZoneAlarm Pro",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/197681"
},
{
"name": "3055",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3055"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-06-15T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.zonelabs.com/products/zap/rel_history.html#2.6.362"
},
{
"name": "zonealarm-bypass-mailsafe(6877)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6877"
},
{
"name": "20010718 ZoneAlarm Pro",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/197681"
},
{
"name": "3055",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3055"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1373",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zonelabs.com/products/zap/rel_history.html#2.6.362",
"refsource": "CONFIRM",
"url": "http://www.zonelabs.com/products/zap/rel_history.html#2.6.362"
},
{
"name": "zonealarm-bypass-mailsafe(6877)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6877"
},
{
"name": "20010718 ZoneAlarm Pro",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/197681"
},
{
"name": "3055",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3055"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1373",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-06-07T00:00:00",
"dateUpdated": "2024-08-08T04:51:08.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-200502-0086
Vulnerability from variot
vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer. Multiple ZoneAlarm products and Check Point Integrity Client are reported prone to a local denial of service vulnerability. This issue exists due to an invalid pointer dereference. A successful attack can result in a denial of service condition in the kernel. ZoneAlarm Security Suite, ZoneAlarm Pro, and ZoneAlarm versions prior to 5.5.062.011 and Check Point Integrity Client versions prior to 4.5.122.000 and 5.1.556.166 are considered vulnerable to this issue. ZoneAlarm is a popular desktop firewall system. BACKGROUND
Zone Labs ZoneAlarm provides personal firewall protection. More information is available from:
http://www.zonelabs.com/
II.
ZoneAlarm offers process specific protection by hooking the kernel API routine NtConnectPort(). NtConnectPort() is used by programs to implement advanced inter-process communication (IPC). The NtConnectPort() function is declared as follows:
NtConnectPort(
OUT PHANDLE ClientPortHandle,
IN PUNICODE_STRING ServerPortName,
IN PSECURITY_QUALITY_OF_SERVICE SecurityQos,
IN OUT PLPC_SECTION_OWNER_MEMORY ClientSharedMemory OPTIONAL,
OUT PLPC_SECTION_MEMORY ServerSharedMemory OPTIONAL,
OUT PULONG MaximumMessageLength OPTIONAL,
IN OUT PVOID ConnectionInfo OPTIONAL,
IN OUT PULONG ConnectionInfoLength OPTIONAL);
The problem specifically exists within vsdatant.sys as ZoneAlarm fails to verify the second argument. 'ServerPortName' is a valid address prior to derefencing it as a pointer. The vulnerable section of code is displayed here:
0001EE93 mov esi, [esp+108h+ServerPortName]
0001EE9A mov edi, eax
0001EE9C test esi, esi
0001EE9E jz short loc_1EEB6
0001EEA0 mov edx, [esi+4]
The argument 'ServerPortName' is stored in the register ESI. A check is made to ensure that the value is not NULL. Any non-zero invalid memory address can be passed as the second argument to NtConnectPort(), resulting in a system crash.
III. ANALYSIS
Exploitation allows local and remote attackers who have exploited another vulnerability to trigger a DoS in kernel space, resulting in a "blue screen of death."
IV. DETECTION
iDEFENSE has confirmed the existence of this vulnerability in ZoneAlarm version 5.1. It is suspected that previous versions of ZoneAlarm are vulnerable as well.
V. WORKAROUND
iDEFENSE is currently unaware of any workarounds for this issue.
VI. VENDOR RESPONSE
A vendor advisory for this issue is available at:
http://download.zonelabs.com/bin/free/securityAlert/19.html
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the names CAN-2005-0114 to these issues. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
01/06/2005 Initial vendor notification 01/07/2005 Initial vendor response 02/11/2005 Coordinated public disclosure
IX. CREDIT
iDEFENSE Labs is credited with this discovery.
Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp
X. LEGAL NOTICES
Copyright (c) 2005 iDEFENSE, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition.
There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200502-0086",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zonealarm wireless security",
"scope": "lte",
"trust": 1.0,
"vendor": "zonelabs",
"version": "5.5.080.000"
},
{
"model": "zonealarm",
"scope": "eq",
"trust": 1.0,
"vendor": "zonelabs",
"version": "5.5.062.011"
},
{
"model": "check point integrity client",
"scope": "lte",
"trust": 1.0,
"vendor": "checkpoint",
"version": "5.1.556.166"
},
{
"model": "check point integrity client",
"scope": "eq",
"trust": 1.0,
"vendor": "checkpoint",
"version": "4.5.122.000"
},
{
"model": "zonealarm wireless security",
"scope": "eq",
"trust": 0.6,
"vendor": "zonelabs",
"version": "5.5.080.000"
},
{
"model": "labs zonealarm security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.5.062"
},
{
"model": "labs zonealarm security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.5"
},
{
"model": "labs zonealarm security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.1"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.5.062"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.1"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.0.590.015"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "4.5.538.001"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "4.5"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "4.0"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "3.1"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "3.0"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.6"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.4"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.1"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "4.5.538.001"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "4.0"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "3.7.202"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "3.1"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "3.0"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.6"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.5"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.4"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.3"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.2"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.1"
},
{
"model": "point software integrity client",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "5.0"
},
{
"model": "point software integrity client",
"scope": "eq",
"trust": 0.3,
"vendor": "check",
"version": "4.5"
},
{
"model": "labs zonealarm security suite",
"scope": "ne",
"trust": 0.3,
"vendor": "zone",
"version": "5.5.062.011"
},
{
"model": "labs zonealarm pro",
"scope": "ne",
"trust": 0.3,
"vendor": "zone",
"version": "5.5.062.011"
},
{
"model": "labs zonealarm",
"scope": "ne",
"trust": 0.3,
"vendor": "zone",
"version": "5.5.062.011"
},
{
"model": "point software integrity client",
"scope": "ne",
"trust": 0.3,
"vendor": "check",
"version": "5.1.556.166"
},
{
"model": "point software integrity client",
"scope": "ne",
"trust": 0.3,
"vendor": "check",
"version": "4.4.122.000"
}
],
"sources": [
{
"db": "BID",
"id": "12531"
},
{
"db": "NVD",
"id": "CVE-2005-0114"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-047"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:zonelabs:zonealarm:5.5.062.011:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:checkpoint:check_point_integrity_client:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.1.556.166",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:zonelabs:zonealarm_wireless_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.5.080.000",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:checkpoint:check_point_integrity_client:4.5.122.000:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0114"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery is credited to iDEFENSE Labs.",
"sources": [
{
"db": "BID",
"id": "12531"
}
],
"trust": 0.3
},
"cve": "CVE-2005-0114",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-11323",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2005-0114",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-0114",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-200502-047",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-11323",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2005-0114",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11323"
},
{
"db": "VULMON",
"id": "CVE-2005-0114"
},
{
"db": "NVD",
"id": "CVE-2005-0114"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-047"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer. Multiple ZoneAlarm products and Check Point Integrity Client are reported prone to a local denial of service vulnerability. This issue exists due to an invalid pointer dereference. \nA successful attack can result in a denial of service condition in the kernel. \nZoneAlarm Security Suite, ZoneAlarm Pro, and ZoneAlarm versions prior to 5.5.062.011 and Check Point Integrity Client versions prior to 4.5.122.000 and 5.1.556.166 are considered vulnerable to this issue. ZoneAlarm is a popular desktop firewall system. BACKGROUND\n\nZone Labs ZoneAlarm provides personal firewall protection. More\ninformation is available from:\n\n http://www.zonelabs.com/\n\nII. \n\nZoneAlarm offers process specific protection by hooking the kernel API\nroutine NtConnectPort(). NtConnectPort() is used by programs to\nimplement advanced inter-process communication (IPC). The\nNtConnectPort() function is declared as follows:\n\n NtConnectPort(\n OUT PHANDLE ClientPortHandle,\n IN PUNICODE_STRING ServerPortName,\n IN PSECURITY_QUALITY_OF_SERVICE SecurityQos,\n IN OUT PLPC_SECTION_OWNER_MEMORY ClientSharedMemory OPTIONAL,\n OUT PLPC_SECTION_MEMORY ServerSharedMemory OPTIONAL,\n OUT PULONG MaximumMessageLength OPTIONAL,\n IN OUT PVOID ConnectionInfo OPTIONAL,\n IN OUT PULONG ConnectionInfoLength OPTIONAL);\n\nThe problem specifically exists within vsdatant.sys as ZoneAlarm fails\nto verify the second argument. \u0027ServerPortName\u0027 is a valid address\nprior to derefencing it as a pointer. The vulnerable section of code is\ndisplayed here:\n\n 0001EE93 mov esi, [esp+108h+ServerPortName]\n 0001EE9A mov edi, eax\n 0001EE9C test esi, esi\n 0001EE9E jz short loc_1EEB6\n 0001EEA0 mov edx, [esi+4]\n\nThe argument \u0027ServerPortName\u0027 is stored in the register ESI. A check is\nmade to ensure that the value is not NULL. Any non-zero invalid memory address\ncan be passed as the second argument to NtConnectPort(), resulting in a\nsystem crash. \n\nIII. ANALYSIS\n\nExploitation allows local and remote attackers who have exploited\nanother vulnerability to trigger a DoS in kernel space, resulting in a\n\"blue screen of death.\"\n\nIV. DETECTION\n\niDEFENSE has confirmed the existence of this vulnerability in ZoneAlarm\nversion 5.1. It is suspected that previous versions of ZoneAlarm are\nvulnerable as well. \n\nV. WORKAROUND\n\niDEFENSE is currently unaware of any workarounds for this issue. \n\nVI. VENDOR RESPONSE\n\nA vendor advisory for this issue is available at:\n\n http://download.zonelabs.com/bin/free/securityAlert/19.html\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nnames CAN-2005-0114 to these issues. This is a candidate for inclusion\nin the CVE list (http://cve.mitre.org), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n01/06/2005 Initial vendor notification\n01/07/2005 Initial vendor response\n02/11/2005 Coordinated public disclosure\n\nIX. CREDIT\n\niDEFENSE Labs is credited with this discovery. \n\nGet paid for vulnerability research\nhttp://www.idefense.com/poi/teams/vcp.jsp\n\nX. LEGAL NOTICES\n\nCopyright (c) 2005 iDEFENSE, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\nemail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n\nThere are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0114"
},
{
"db": "BID",
"id": "12531"
},
{
"db": "VULHUB",
"id": "VHN-11323"
},
{
"db": "VULMON",
"id": "CVE-2005-0114"
},
{
"db": "PACKETSTORM",
"id": "36163"
}
],
"trust": 1.44
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-11323",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11323"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-0114",
"trust": 2.2
},
{
"db": "BID",
"id": "12531",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "14256",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-200502-047",
"trust": 0.7
},
{
"db": "IDEFENSE",
"id": "20050211 ZONEALARM 5.1 INVALID POINTER DEREFERENCE VULNERABILITY",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "36163",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-11323",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2005-0114",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11323"
},
{
"db": "VULMON",
"id": "CVE-2005-0114"
},
{
"db": "BID",
"id": "12531"
},
{
"db": "PACKETSTORM",
"id": "36163"
},
{
"db": "NVD",
"id": "CVE-2005-0114"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-047"
}
]
},
"id": "VAR-200502-0086",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-11323"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:45:27.123000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0114"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/12531"
},
{
"trust": 1.9,
"url": "http://download.zonelabs.com/bin/free/securityalert/19.html"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/14256"
},
{
"trust": 1.8,
"url": "http://www.idefense.com/application/poi/display?id=199\u0026type=vulnerabilities"
},
{
"trust": 0.3,
"url": "http://www.zonelabs.com"
},
{
"trust": 0.3,
"url": "/archive/1/390199"
},
{
"trust": 0.3,
"url": "/archive/1/390198"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=199\u0026amp;type=vulnerabilities"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/poi/teams/vcp.jsp"
},
{
"trust": 0.1,
"url": "http://www.zonelabs.com/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org),"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-0114"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11323"
},
{
"db": "VULMON",
"id": "CVE-2005-0114"
},
{
"db": "BID",
"id": "12531"
},
{
"db": "PACKETSTORM",
"id": "36163"
},
{
"db": "NVD",
"id": "CVE-2005-0114"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-047"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-11323"
},
{
"db": "VULMON",
"id": "CVE-2005-0114"
},
{
"db": "BID",
"id": "12531"
},
{
"db": "PACKETSTORM",
"id": "36163"
},
{
"db": "NVD",
"id": "CVE-2005-0114"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-047"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-02-11T00:00:00",
"db": "VULHUB",
"id": "VHN-11323"
},
{
"date": "2005-02-11T00:00:00",
"db": "VULMON",
"id": "CVE-2005-0114"
},
{
"date": "2005-02-11T00:00:00",
"db": "BID",
"id": "12531"
},
{
"date": "2005-02-24T16:48:40",
"db": "PACKETSTORM",
"id": "36163"
},
{
"date": "2005-02-11T05:00:00",
"db": "NVD",
"id": "CVE-2005-0114"
},
{
"date": "2005-02-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200502-047"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-11323"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULMON",
"id": "CVE-2005-0114"
},
{
"date": "2009-07-12T10:06:00",
"db": "BID",
"id": "12531"
},
{
"date": "2008-09-05T20:45:21.747000",
"db": "NVD",
"id": "CVE-2005-0114"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200502-047"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "12531"
},
{
"db": "PACKETSTORM",
"id": "36163"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-047"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ZoneAlarm 5.1 Illegal pointer discards local denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-047"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "12531"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-047"
}
],
"trust": 0.9
}
}