CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-2174
https://notcve.org/view.php?id=CVE-2007-2174
24 Apr 2007 — The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses. el manejo de IOCTL en srescan.sys en el ZoneAlarm Spyware Removal Engine (SRE) de Check Point ZoneAlarm anterior a 5.0.156.0 permite a usuarios locales ejecutar código de su elección a través de determinadas direcciones de parámetros lrp IOCTL. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=517 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2007-2083 – ZoneAlarm 6.1.744.001/6.5.737.000 - Vsdatant.SYS Driver Local Denial of Service
https://notcve.org/view.php?id=CVE-2007-2083
18 Apr 2007 — vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions. vsdatant.sys en Check Point Zone Labs ZoneAlarm Pro anterior a 7.0.302.000 no valida ciertos argumentos antes de ser pasados a manejadores de funciones SSDT, lo cual perm... • https://www.exploit-db.com/exploits/29860 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2005-2932
https://notcve.org/view.php?id=CVE-2005-2932
31 Dec 2005 — Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2004-2713
https://notcve.org/view.php?id=CVE-2004-2713
31 Dec 2004 — Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissions. NOTE: this issue has been disputed by the vendor, who claims that it does not affect product functionality since the same information is also saved in a protected file • http://archives.neohapsis.com/archives/bugtraq/2004-08/0389.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 2CVE-2001-1548
https://notcve.org/view.php?id=CVE-2001-1548
31 Dec 2001 — ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters. • http://archives.neohapsis.com/archives/bugtraq/2001-12/0056.html •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2001-1373
https://notcve.org/view.php?id=CVE-2001-1373
18 Jul 2001 — MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments. • http://www.securityfocus.com/archive/1/197681 •
CVSS: 9.1EPSS: 3%CPEs: 1EXPL: 1CVE-2000-0339 – Zone Labs ZoneAlarm 2.1 Personal Firewall - Port 67
https://notcve.org/view.php?id=CVE-2000-0339
24 Apr 2000 — ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules. • https://www.exploit-db.com/exploits/19871 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0220
https://notcve.org/view.php?id=CVE-2000-0220
24 Feb 2000 — ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0220 •