CVE-2007-2083
ZoneAlarm 6.1.744.001/6.5.737.000 - Vsdatant.SYS Driver Local Denial of Service
Severity Score
6.9
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.
vsdatant.sys en Check Point Zone Labs ZoneAlarm Pro anterior a 7.0.302.000 no valida ciertos argumentos antes de ser pasados a manejadores de funciones SSDT, lo cual permite a usuarios locales provocar una denegación de servicio (caída del sistema) o posiblemente ejecutar código de su elección mediante argumentos manipulados artesanalmente a las funciones (1) NtCreateKey y (2) NtDeleteFile.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-04-15 First Exploit
- 2007-04-17 CVE Reserved
- 2007-04-18 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/35239 | Vdb Entry | |
| http://securityreason.com/securityalert/2591 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/465868/100/0/threaded | Mailing List | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33664 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/29860 | 2007-04-15 |
| URL | Date | SRC |
|---|---|---|
| http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php | 2018-10-16 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Zonelabs Search vendor "Zonelabs" | Zonealarm Search vendor "Zonelabs" for product "Zonealarm" | <= 6.5.714.000 Search vendor "Zonelabs" for product "Zonealarm" and version " <= 6.5.714.000" | pro |
Affected
| ||||||