CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2005-2932
https://notcve.org/view.php?id=CVE-2005-2932
Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584 http://secunia.com/advisories/26513 http://securitytracker.com/id?1018588 http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53 http://www.securityfocus.com/bid/25365 http://www.securityfocus.com/bid/25377 http://www.vupen.com/english/advisories/2007/2929 https://exchange.xforce.ibmcloud.com/vulnerabilities/36110 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 5%CPEs: 6EXPL: 2CVE-2005-3560 – Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass
https://notcve.org/view.php?id=CVE-2005-3560
Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags. • https://www.exploit-db.com/exploits/26479 http://secunia.com/advisories/17450 http://securityreason.com/securityalert/155 http://www.osvdb.org/20677 http://www.securityfocus.com/archive/1/415968 http://www.securityfocus.com/bid/15347 https://exchange.xforce.ibmcloud.com/vulnerabilities/22971 •