CVE-2007-2083
ZoneAlarm 6.1.744.001/6.5.737.000 - Vsdatant.SYS Driver Local Denial of Service
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.
vsdatant.sys en Check Point Zone Labs ZoneAlarm Pro anterior a 7.0.302.000 no valida ciertos argumentos antes de ser pasados a manejadores de funciones SSDT, lo cual permite a usuarios locales provocar una denegación de servicio (caída del sistema) o posiblemente ejecutar código de su elección mediante argumentos manipulados artesanalmente a las funciones (1) NtCreateKey y (2) NtDeleteFile.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-04-15 First Exploit
- 2007-04-17 CVE Reserved
- 2007-04-18 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
http://osvdb.org/35239 | Vdb Entry | |
http://securityreason.com/securityalert/2591 | Third Party Advisory | |
http://www.securityfocus.com/archive/1/465868/100/0/threaded | Mailing List | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/33664 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/29860 | 2007-04-15 |
URL | Date | SRC |
---|---|---|
http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php | 2018-10-16 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Zonelabs Search vendor "Zonelabs" | Zonealarm Search vendor "Zonelabs" for product "Zonealarm" | <= 6.5.714.000 Search vendor "Zonelabs" for product "Zonealarm" and version " <= 6.5.714.000" | pro |
Affected
|