Computer Security
[EN] securityvulns.ru no-pyccku


ZoneAlarm personal firewall multiple security vulnerabilities
updated since 17.04.2007
Published:02.05.2007
Source:
SecurityVulns ID:7597
Type:local
Threat Level:
5/10
Description:Insufficient arguments validation for hooked functions allows privilege escalation.
Affected:ZONELABS : ZoneAlarm Pro 6.5
CVE:CVE-2007-2467 (ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service (system crash) by sending malformed data to the vsdatant device driver, which causes an invalid memory access.)
 CVE-2007-2083 (vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.)
Original documentdocumentMatousec - Transparent security Research, ZoneAlarm Insufficient validation of 'vsdatant' driver input buffer Vulnerability (02.05.2007)
 documentReversemode, [Reversemode advisory] CheckPoint Zonelabs - ZoneAlarm SRESCAN driver local privilege escalation (24.04.2007)
 documentIDEFENSE, iDefense Security Advisory 04.20.07: Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability (21.04.2007)
 documentMatousec - Transparent security Research, ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability (17.04.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod