CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2006-3540
https://notcve.org/view.php?id=CVE-2006-3540
13 Jul 2006 — Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, 6.1.737.000, and possibly other versions do not properly validate RegSaveKey, RegRestoreKey, and RegDeleteKey function calls, which allows local users to cause a denial of service (system crash) via a certain combination of these function calls with an HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VETFDDNT\Enum argument. Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, 6.1.737.000, y posiblemente otras versiones ... • http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-protection-of-registry-key-VETFDDNT-Enum.php •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2005-2932 – iDEFENSE Security Advisory 2007-08-20.1
https://notcve.org/view.php?id=CVE-2005-2932
31 Dec 2005 — Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls. Local exploitation of an insecure permission vulnerability in multiple Check Point Zone Labs products allows attackers to escalate privileges or disable protection. The vulnerability specifically exists in the default file Access Control List (ACL) settings th... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584 • CWE-264: Permissions, Privileges, and Access Controls •