CVSS: 10.0EPSS: 11%CPEs: 5EXPL: 0CVE-2004-0309
https://notcve.org/view.php?id=CVE-2004-0309
Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client 4.0 before 4.0.146.046, and 4.5 before 4.5.085, allows remote attackers to execute arbitrary code via a long RCPT TO argument. • http://download.zonelabs.com/bin/free/securityAlert/8.html http://marc.info/?l=bugtraq&m=107722656827427&w=2 http://www.ciac.org/ciac/bulletins/o-084.shtml http://www.kb.cert.org/vuls/id/619982 http://www.osvdb.org/3991 http://www.securityfocus.com/bid/9696 https://exchange.xforce.ibmcloud.com/vulnerabilities/14991 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2004-1936
https://notcve.org/view.php?id=CVE-2004-1936
ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachments whose names contain certain non-English characters. • http://marc.info/?l=bugtraq&m=108206751931251&w=2 http://marc.info/?l=bugtraq&m=108248415509417&w=2 http://www.securityfocus.com/bid/10148 https://exchange.xforce.ibmcloud.com/vulnerabilities/15884 •
CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 1CVE-2003-1309
https://notcve.org/view.php?id=CVE-2003-1309
The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack"). • http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt http://sec-labs.hack.pl/papers/win32ddc.php http://secunia.com/advisories/9459 http://www.osvdb.org/2375 http://www.osvdb.org/4362 http://www.securityfocus.com/bid/8342 https://exchange.xforce.ibmcloud.com/vulnerabilities/12824 •
CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 2CVE-2002-1911 – Zone Labs ZoneAlarm 3.0/3.1 - Syn Flood Denial of Service
https://notcve.org/view.php?id=CVE-2002-1911
ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue. • https://www.exploit-db.com/exploits/21943 http://archives.neohapsis.com/archives/bugtraq/2002-10/0238.html http://www.iss.net/security_center/static/10379.php http://www.securityfocus.com/archive/1/295434 http://www.securityfocus.com/bid/5975 •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2002-1997
https://notcve.org/view.php?id=CVE-2002-1997
ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension. • http://www.securityfocus.com/archive/1/265387 http://www.securityfocus.com/bid/4407 https://exchange.xforce.ibmcloud.com/vulnerabilities/8744 •