CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5044
https://notcve.org/view.php?id=CVE-2007-5044
ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreatePort and (2) NtDeleteFile kernel SSDT hooks, a partial regression of CVE-2007-2083. ZoneAlarm Pro 7.0.362.000 no valida de forma adecuada ciertos parámetros en los maneadores de función System Service Descriptor Table (SSDT), lo cual permite a usuarios locales provocar denegación de servicio (caida) y posiblemente ganar privilegios a través del secuestro de (1) NtCreatePort y (2) NtDeleteFile kernel SSDT, una regresión parcial de CVE-2007-2083. • http://osvdb.org/45898 http://securityreason.com/securityalert/3161 http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php http://www.securityfocus.com/archive/1/479830/100/0/threaded • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2007-2467
https://notcve.org/view.php?id=CVE-2007-2467
ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service (system crash) by sending malformed data to the vsdatant device driver, which causes an invalid memory access. ZoneAlarm Pro 6.5.737.000, 6.1.744.001, y posiblemente versiones anteriores y otros productos, permite a usuarios locales provocar una denegación de servicio (caída del sistema) enviando información mal formada al controlador de dispositivo vsdatant, lo cual provoca un acceso inválido a memoria. • http://osvdb.org/35240 http://secunia.com/advisories/25064 http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-validation-of-vsdatant-driver-input-buffer.php http://www.securityfocus.com/archive/1/467269/100/0/threaded http://www.securityfocus.com/bid/23734 http://www.vupen.com/english/advisories/2007/1608 https://exchange.xforce.ibmcloud.com/vulnerabilities/34028 •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2007-2083 – ZoneAlarm 6.1.744.001/6.5.737.000 - Vsdatant.SYS Driver Local Denial of Service
https://notcve.org/view.php?id=CVE-2007-2083
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions. vsdatant.sys en Check Point Zone Labs ZoneAlarm Pro anterior a 7.0.302.000 no valida ciertos argumentos antes de ser pasados a manejadores de funciones SSDT, lo cual permite a usuarios locales provocar una denegación de servicio (caída del sistema) o posiblemente ejecutar código de su elección mediante argumentos manipulados artesanalmente a las funciones (1) NtCreateKey y (2) NtDeleteFile. • https://www.exploit-db.com/exploits/29860 http://osvdb.org/35239 http://securityreason.com/securityalert/2591 http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php http://www.securityfocus.com/archive/1/465868/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/33664 •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2007-0351
https://notcve.org/view.php?id=CVE-2007-0351
Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privileges of a previous system user, possibly related to user profile unload failure. NOTE: it is not clear whether this is an issue in Windows itself, or an interaction with another product. The issue might involve ZoneAlarm not being able to terminate processes when it cannot prompt the user. Microsoft Windows XP y Windows Server 2003 no manejan apropiadamente el cierre de sesión del usuario, lo que podría permitir a los usuarios locales conseguir los privilegios de un usuario de sistema anterior, posiblemente relacionados con el error de descarga del perfil de usuario. NOTA: no está claro si esto es un problema en Windows en sí, o una interacción con otro producto. • http://www.securityfocus.com/archive/1/457167/100/0/threaded http://www.securityfocus.com/archive/1/457217/100/0/threaded http://www.securityfocus.com/archive/1/457340/100/0/threaded http://www.securityfocus.com/archive/1/457807/100/200/threaded http://www.securityfocus.com/archive/1/459838/100/0/threaded •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2006-3540
https://notcve.org/view.php?id=CVE-2006-3540
Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, 6.1.737.000, and possibly other versions do not properly validate RegSaveKey, RegRestoreKey, and RegDeleteKey function calls, which allows local users to cause a denial of service (system crash) via a certain combination of these function calls with an HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VETFDDNT\Enum argument. Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, 6.1.737.000, y posiblemente otras versiones no validan apropiadamente llamadas a funciones RegSaveKey, RegRestoreKey, y RegDeleteKey, lo cual permite a usuarios locales provocar una denegación de servicio (caída de sistema) mediante determinadas combinaciones de estas llamadas a funciones con el argumento: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VETFDDNT\Enum . • http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-protection-of-registry-key-VETFDDNT-Enum.php http://www.securityfocus.com/archive/1/438970/100/0/threaded http://www.securityfocus.com/bid/18789 https://exchange.xforce.ibmcloud.com/vulnerabilities/27584 •