CVE-2005-3560
Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2005-11-07 First Exploit
- 2005-11-16 CVE Reserved
- 2005-11-16 CVE Published
- 2024-08-07 CVE Updated
- 2024-10-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://securityreason.com/securityalert/155 | Third Party Advisory | |
| http://www.osvdb.org/20677 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/415968 | Mailing List | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/22971 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/26479 | 2005-11-07 | |
| http://www.securityfocus.com/bid/15347 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/17450 | 2017-07-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Zonelabs Search vendor "Zonelabs" | Zonealarm Search vendor "Zonelabs" for product "Zonealarm" | 6.0 Search vendor "Zonelabs" for product "Zonealarm" and version "6.0" | - |
Affected
| ||||||
| Zonelabs Search vendor "Zonelabs" | Zonealarm Search vendor "Zonelabs" for product "Zonealarm" | 6.0 Search vendor "Zonelabs" for product "Zonealarm" and version "6.0" | pro |
Affected
| ||||||
| Zonelabs Search vendor "Zonelabs" | Zonealarm Anti-spyware Search vendor "Zonelabs" for product "Zonealarm Anti-spyware" | 6.0 Search vendor "Zonelabs" for product "Zonealarm Anti-spyware" and version "6.0" | - |
Affected
| ||||||
| Zonelabs Search vendor "Zonelabs" | Zonealarm Anti-spyware Search vendor "Zonelabs" for product "Zonealarm Anti-spyware" | 6.1 Search vendor "Zonelabs" for product "Zonealarm Anti-spyware" and version "6.1" | - |
Affected
| ||||||
| Zonelabs Search vendor "Zonelabs" | Zonealarm Antivirus Search vendor "Zonelabs" for product "Zonealarm Antivirus" | 6.0 Search vendor "Zonelabs" for product "Zonealarm Antivirus" and version "6.0" | - |
Affected
| ||||||
| Zonelabs Search vendor "Zonelabs" | Zonealarm Security Suite Search vendor "Zonelabs" for product "Zonealarm Security Suite" | 6.0 Search vendor "Zonelabs" for product "Zonealarm Security Suite" and version "6.0" | - |
Affected
| ||||||