CVE-2007-2083 – ZoneAlarm 6.1.744.001/6.5.737.000 - Vsdatant.SYS Driver Local Denial of Service
https://notcve.org/view.php?id=CVE-2007-2083
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions. vsdatant.sys en Check Point Zone Labs ZoneAlarm Pro anterior a 7.0.302.000 no valida ciertos argumentos antes de ser pasados a manejadores de funciones SSDT, lo cual permite a usuarios locales provocar una denegación de servicio (caída del sistema) o posiblemente ejecutar código de su elección mediante argumentos manipulados artesanalmente a las funciones (1) NtCreateKey y (2) NtDeleteFile. • https://www.exploit-db.com/exploits/29860 http://osvdb.org/35239 http://securityreason.com/securityalert/2591 http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php http://www.securityfocus.com/archive/1/465868/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/33664 •
CVE-2005-2932
https://notcve.org/view.php?id=CVE-2005-2932
Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584 http://secunia.com/advisories/26513 http://securitytracker.com/id?1018588 http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53 http://www.securityfocus.com/bid/25365 http://www.securityfocus.com/bid/25377 http://www.vupen.com/english/advisories/2007/2929 https://exchange.xforce.ibmcloud.com/vulnerabilities/36110 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2005-0114
https://notcve.org/view.php?id=CVE-2005-0114
vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer. • http://download.zonelabs.com/bin/free/securityAlert/19.html http://secunia.com/advisories/14256 http://www.idefense.com/application/poi/display?id=199&type=vulnerabilities http://www.securityfocus.com/bid/12531 •