CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 1CVE-2003-1309
https://notcve.org/view.php?id=CVE-2003-1309
The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack"). • http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0070.html http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html http://sec-labs.hack.pl/advisories/seclabs-adv-zone-alarm-04-08-2003.txt http://sec-labs.hack.pl/papers/win32ddc.php http://secunia.com/advisories/9459 http://www.osvdb.org/2375 http://www.osvdb.org/4362 http://www.securityfocus.com/bid/8342 https://exchange.xforce.ibmcloud.com/vulnerabilities/12824 •
CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 2CVE-2002-1911 – Zone Labs ZoneAlarm 3.0/3.1 - Syn Flood Denial of Service
https://notcve.org/view.php?id=CVE-2002-1911
ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue. • https://www.exploit-db.com/exploits/21943 http://archives.neohapsis.com/archives/bugtraq/2002-10/0238.html http://www.iss.net/security_center/static/10379.php http://www.securityfocus.com/archive/1/295434 http://www.securityfocus.com/bid/5975 •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2002-1997
https://notcve.org/view.php?id=CVE-2002-1997
ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension. • http://www.securityfocus.com/archive/1/265387 http://www.securityfocus.com/bid/4407 https://exchange.xforce.ibmcloud.com/vulnerabilities/8744 •
CVSS: 2.1EPSS: 0%CPEs: 8EXPL: 2CVE-2001-1548
https://notcve.org/view.php?id=CVE-2001-1548
ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters. • http://archives.neohapsis.com/archives/bugtraq/2001-12/0056.html http://archives.neohapsis.com/archives/bugtraq/2001-12/0065.html http://www.iss.net/security_center/static/7671.php http://www.securityfocus.com/bid/3647 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0682
https://notcve.org/view.php?id=CVE-2001-0682
ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting. • http://marc.info/?l=ntbugtraq&m=97818917222992&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/5821 • CWE-667: Improper Locking •