var-200704-0313
Vulnerability from variot
The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses. Check Point ZoneAlarm is prone to multiple local privilege-escalation vulnerabilities. On a default installation, only certain restricted accounts can access the vulnerable sections of the application. An attacker can exploit these issues to execute arbitrary code with SYSTEM-level privileges. A successful exploit will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition. ZoneAlarm is a personal computer firewall that protects personal data and privacy. There is a vulnerability in ZoneAlarm's srescan.sys driver implementation. Local attackers may use this vulnerability to elevate their privileges in the system. The IOCTL handling code of the srescan.sys device driver does not correctly handle userland addresses passed to IOCTL 0x22208F and IOCTL 0x2220CF. In the case of IOCTL 0x2220CF, the attacker can write the constant double word value 0x30000; in the case of IOCTL 0x22208F, the attacker can write the contents of the ZwQuerySystemInformation return buffer.
Secunia customers receive relevant and filtered advisories. Delivery is done via different channels including SMS, Email, Web, and https based XML feed. http://corporate.secunia.com/trial/38/request/
TITLE: ZoneAlarm Products SRESCAN.SYS IOCTL Handler Privilege Escalation
SECUNIA ADVISORY ID: SA24986
VERIFY ADVISORY: http://secunia.com/advisories/24986/
CRITICAL: Less critical
IMPACT: Privilege escalation
WHERE: Local system
SOFTWARE: ZoneAlarm 4.x http://secunia.com/product/150/ ZoneAlarm 3.x http://secunia.com/product/153/ ZoneAlarm 2.x http://secunia.com/product/3056/ ZoneAlarm 5.x http://secunia.com/product/4647/ ZoneAlarm 6.x http://secunia.com/product/5806/ ZoneAlarm 7.x http://secunia.com/product/13889/ ZoneAlarm Anti-Spyware 6.x http://secunia.com/product/6073/ ZoneAlarm Antivirus 5.x http://secunia.com/product/4271/ ZoneAlarm Antivirus 6.x http://secunia.com/product/6074/ ZoneAlarm Internet Security Suite 6.x http://secunia.com/product/6072/ ZoneAlarm Plus 3.x http://secunia.com/product/3057/ ZoneAlarm Plus 4.x http://secunia.com/product/151/ ZoneAlarm Pro 2.x http://secunia.com/product/152/ ZoneAlarm Pro 3.x http://secunia.com/product/1960/ ZoneAlarm Pro 4.x http://secunia.com/product/1961/ ZoneAlarm Pro 5.x http://secunia.com/product/4280/ ZoneAlarm Pro 6.x http://secunia.com/product/6071/ ZoneAlarm Security Suite 5.x http://secunia.com/product/4272/ ZoneAlarm Wireless Security 5.x http://secunia.com/product/4648/
DESCRIPTION: Some vulnerabilities have been reported in ZomeAlarm products, which can be exploited by malicious, local users to gain escalated privileges.
Insufficient address space verification within the 0x22208F and 0x0x2220CF IOCTL handlers of SRESCAN.SYS and insecure permissions on the \.\SreScan DOS device interface can be exploited to e.g.
The vulnerabilities are reported in SRESCAN.SYS version 5.0.63.0 included in the free version of ZoneAlarm. Other versions may also be affected.
SOLUTION: Update to version 5.0.156.0 or higher of the ZoneAlarm Spyware Removal Engine (current deployed version is 5.0.162.0). http://www.zonealarm.com/store/content/catalog/download_buy.jsp?dc=12bms&ctry=US&lang=en
PROVIDED AND/OR DISCOVERED BY: Discovered by Ruben Santamarta and reported via iDefense Labs.
ORIGINAL ADVISORY: iDefense Labs: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=517
Reversemode: http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=48
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200704-0313",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zonealarm",
"scope": "lte",
"trust": 1.0,
"vendor": "checkpoint",
"version": "5.0.63.0"
},
{
"model": "zonealarm",
"scope": "lt",
"trust": 0.8,
"vendor": "check point",
"version": "5.0.156.0"
},
{
"model": "zonealarm",
"scope": "eq",
"trust": 0.6,
"vendor": "checkpoint",
"version": "5.0.63.0"
},
{
"model": "labs zonealarm security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "6.5.722"
},
{
"model": "labs zonealarm security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "6.1.744.000"
},
{
"model": "labs zonealarm security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "6.1.737"
},
{
"model": "labs zonealarm security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.5.062.011"
},
{
"model": "labs zonealarm security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.5.062"
},
{
"model": "labs zonealarm security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.5"
},
{
"model": "labs zonealarm security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.1"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "6.0"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.5.062.011"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.5.062"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.1"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.0.590.015"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "4.5.538.001"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "4.5"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "4.0"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "3.1"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "3.0"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.6"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.4"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "7.0.302.000"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "6.5.737.000"
},
{
"model": "labs zonealarm pro",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "6.1.744.001"
},
{
"model": "labs zonealarm plus",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "4.5.538.001"
},
{
"model": "labs zonealarm plus",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "4.0"
},
{
"model": "labs zonealarm internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "6.0"
},
{
"model": "labs zonealarm for windows xp",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.6"
},
{
"model": "labs zonealarm antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "6.0"
},
{
"model": "labs zonealarm antivirus",
"scope": null,
"trust": 0.3,
"vendor": "zone",
"version": null
},
{
"model": "labs zonealarm anti-spyware",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "6.1"
},
{
"model": "labs zonealarm anti-spyware",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "6.0"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "6.0"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.5.062.011"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "5.1"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "4.5.538.001"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "4.0"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "3.7.202"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "3.1"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "3.0"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.6"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.5"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.4"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.3"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.2"
},
{
"model": "labs zonealarm",
"scope": "eq",
"trust": 0.3,
"vendor": "zone",
"version": "2.1"
}
],
"sources": [
{
"db": "BID",
"id": "23579"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001861"
},
{
"db": "NVD",
"id": "CVE-2007-2174"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-453"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:checkpoint:zonealarm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.63.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2174"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ruben Santamarta ruben@reversemode.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200704-453"
}
],
"trust": 0.6
},
"cve": "CVE-2007-2174",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2007-2174",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-25536",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-2174",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200704-453",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-25536",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25536"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001861"
},
{
"db": "NVD",
"id": "CVE-2007-2174"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-453"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses. Check Point ZoneAlarm is prone to multiple local privilege-escalation vulnerabilities. \nOn a default installation, only certain restricted accounts can access the vulnerable sections of the application. \nAn attacker can exploit these issues to execute arbitrary code with SYSTEM-level privileges. A successful exploit will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition. ZoneAlarm is a personal computer firewall that protects personal data and privacy. There is a vulnerability in ZoneAlarm\u0027s srescan.sys driver implementation. Local attackers may use this vulnerability to elevate their privileges in the system. The IOCTL handling code of the srescan.sys device driver does not correctly handle userland addresses passed to IOCTL 0x22208F and IOCTL 0x2220CF. In the case of IOCTL 0x2220CF, the attacker can write the constant double word value 0x30000; in the case of IOCTL 0x22208F, the attacker can write the contents of the ZwQuerySystemInformation return buffer. \n\n----------------------------------------------------------------------\n\nSecunia customers receive relevant and filtered advisories. \nDelivery is done via different channels including SMS, Email, Web,\nand https based XML feed. \nhttp://corporate.secunia.com/trial/38/request/\n\n----------------------------------------------------------------------\n\nTITLE:\nZoneAlarm Products SRESCAN.SYS IOCTL Handler Privilege Escalation\n\nSECUNIA ADVISORY ID:\nSA24986\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/24986/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nPrivilege escalation\n\nWHERE:\nLocal system\n\nSOFTWARE:\nZoneAlarm 4.x\nhttp://secunia.com/product/150/\nZoneAlarm 3.x\nhttp://secunia.com/product/153/\nZoneAlarm 2.x\nhttp://secunia.com/product/3056/\nZoneAlarm 5.x\nhttp://secunia.com/product/4647/\nZoneAlarm 6.x\nhttp://secunia.com/product/5806/\nZoneAlarm 7.x\nhttp://secunia.com/product/13889/\nZoneAlarm Anti-Spyware 6.x\nhttp://secunia.com/product/6073/\nZoneAlarm Antivirus 5.x\nhttp://secunia.com/product/4271/\nZoneAlarm Antivirus 6.x\nhttp://secunia.com/product/6074/\nZoneAlarm Internet Security Suite 6.x\nhttp://secunia.com/product/6072/\nZoneAlarm Plus 3.x\nhttp://secunia.com/product/3057/\nZoneAlarm Plus 4.x\nhttp://secunia.com/product/151/\nZoneAlarm Pro 2.x\nhttp://secunia.com/product/152/\nZoneAlarm Pro 3.x\nhttp://secunia.com/product/1960/\nZoneAlarm Pro 4.x\nhttp://secunia.com/product/1961/\nZoneAlarm Pro 5.x\nhttp://secunia.com/product/4280/\nZoneAlarm Pro 6.x\nhttp://secunia.com/product/6071/\nZoneAlarm Security Suite 5.x\nhttp://secunia.com/product/4272/\nZoneAlarm Wireless Security 5.x\nhttp://secunia.com/product/4648/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in ZomeAlarm products, which\ncan be exploited by malicious, local users to gain escalated\nprivileges. \n\nInsufficient address space verification within the 0x22208F and\n0x0x2220CF IOCTL handlers of SRESCAN.SYS and insecure permissions on\nthe \\\\.\\SreScan DOS device interface can be exploited to e.g. \n\nThe vulnerabilities are reported in SRESCAN.SYS version 5.0.63.0\nincluded in the free version of ZoneAlarm. Other versions may also be\naffected. \n\nSOLUTION:\nUpdate to version 5.0.156.0 or higher of the ZoneAlarm Spyware\nRemoval Engine (current deployed version is 5.0.162.0). \nhttp://www.zonealarm.com/store/content/catalog/download_buy.jsp?dc=12bms\u0026ctry=US\u0026lang=en\n\nPROVIDED AND/OR DISCOVERED BY:\nDiscovered by Ruben Santamarta and reported via iDefense Labs. \n\nORIGINAL ADVISORY:\niDefense Labs:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=517\n\nReversemode:\nhttp://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=48\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2174"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001861"
},
{
"db": "BID",
"id": "23579"
},
{
"db": "VULHUB",
"id": "VHN-25536"
},
{
"db": "PACKETSTORM",
"id": "56156"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-2174",
"trust": 2.5
},
{
"db": "BID",
"id": "23579",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "24986",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1017953",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1017948",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-1491",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001861",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200704-453",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20070423 [REVERSEMODE ADVISORY] CHECKPOINT ZONELABS - ZONEALARM SRESCAN DRIVER LOCAL PRIVILEGE ESCALATION",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20070420 CHECK POINT ZONE LABS SRESCAN IOCTL LOCAL PRIVILEGE ESCALATION VULNERABILITY",
"trust": 0.6
},
{
"db": "XF",
"id": "33786",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-25536",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56156",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25536"
},
{
"db": "BID",
"id": "23579"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001861"
},
{
"db": "PACKETSTORM",
"id": "56156"
},
{
"db": "NVD",
"id": "CVE-2007-2174"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-453"
}
]
},
"id": "VAR-200704-0313",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-25536"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:12:43.308000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.checkpoint.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001861"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2174"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=517"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/23579"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1017948"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1017953"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/24986"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/466656/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/1491"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33786"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2174"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2174"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/33786"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/466656/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/1491"
},
{
"trust": 0.3,
"url": "http://www.zonelabs.com"
},
{
"trust": 0.3,
"url": "/archive/1/466656"
},
{
"trust": 0.3,
"url": "http://www.zonealarm.com"
},
{
"trust": 0.3,
"url": "http://www.reversemode.com/index.php?option=com_remository\u0026itemid=2\u0026func=download\u0026id=48\u0026chk=bab5257f3ee1107ea201a3a76f1e4c01"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4272/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/150/"
},
{
"trust": 0.1,
"url": "http://www.zonealarm.com/store/content/catalog/download_buy.jsp?dc=12bms\u0026ctry=us\u0026lang=en"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3057/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4647/"
},
{
"trust": 0.1,
"url": "http://www.reversemode.com/index.php?option=com_remository\u0026itemid=2\u0026func=fileinfo\u0026id=48"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4280/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1960/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/151/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/152/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5806/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6072/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1961/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6074/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/153/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/trial/38/request/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6073/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4271/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/13889/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4648/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6071/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3056/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24986/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25536"
},
{
"db": "BID",
"id": "23579"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001861"
},
{
"db": "PACKETSTORM",
"id": "56156"
},
{
"db": "NVD",
"id": "CVE-2007-2174"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-453"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-25536"
},
{
"db": "BID",
"id": "23579"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001861"
},
{
"db": "PACKETSTORM",
"id": "56156"
},
{
"db": "NVD",
"id": "CVE-2007-2174"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-453"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-04-24T00:00:00",
"db": "VULHUB",
"id": "VHN-25536"
},
{
"date": "2007-04-20T00:00:00",
"db": "BID",
"id": "23579"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001861"
},
{
"date": "2007-04-23T14:27:41",
"db": "PACKETSTORM",
"id": "56156"
},
{
"date": "2007-04-24T16:19:00",
"db": "NVD",
"id": "CVE-2007-2174"
},
{
"date": "2007-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200704-453"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-25536"
},
{
"date": "2008-02-11T21:26:00",
"db": "BID",
"id": "23579"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001861"
},
{
"date": "2018-10-16T16:42:24.727000",
"db": "NVD",
"id": "CVE-2007-2174"
},
{
"date": "2007-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200704-453"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "23579"
},
{
"db": "PACKETSTORM",
"id": "56156"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-453"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Check Point ZoneAlarm of ZoneAlarm SRE Vulnerable to arbitrary file execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001861"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "23579"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-453"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.