CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2007-2083 – ZoneAlarm 6.1.744.001/6.5.737.000 - Vsdatant.SYS Driver Local Denial of Service
https://notcve.org/view.php?id=CVE-2007-2083
18 Apr 2007 — vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions. vsdatant.sys en Check Point Zone Labs ZoneAlarm Pro anterior a 7.0.302.000 no valida ciertos argumentos antes de ser pasados a manejadores de funciones SSDT, lo cual perm... • https://www.exploit-db.com/exploits/29860 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2005-2932
https://notcve.org/view.php?id=CVE-2005-2932
31 Dec 2005 — Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2004-1534
https://notcve.org/view.php?id=CVE-2004-1534
31 Dec 2004 — ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript. • http://download.zonelabs.com/bin/free/securityAlert/18.html •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2004-0612
https://notcve.org/view.php?id=CVE-2004-0612
30 Jun 2004 — The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote attackers to bypass the mobile code filtering. NOTE: it has been disputed by the vendor that this behavior is required by the SSL specification. El filtro de Código Móvil en ZoneAlarm PRO 5.0.590.015 no filtra código móvil dentro de una sesión SSL cifrada, lo que podría permitir a un atacanter remoto saltarse el filtrado de código móvil. NOTA: El vendedor ha manifestado q... • http://archives.neohapsis.com/archives/bugtraq/2004-06/0420.html •