Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zonealarm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2467
ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service (system crash) by sending malformed data to the vsdatant device driver, which causes an invalid memory access.
Zonelabs Zonealarm 6.1.744.001
Zonelabs Zonealarm 6.5.737.000
NA
CVE-2002-1911
ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote malicious users to cause a denial of service (CPU and memory consumption) via a large number of SYN packets (SYN flood). NOTE: the vendor was not able to reproduce the issue.
Zonelabs Zonealarm 3.1
Zonelabs Zonealarm 3.0
1 EDB exploit
NA
CVE-2004-0309
Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm prior to 4.5.538.001, ZoneLabs Integrity client 4.0 prior to 4.0.146.046, and 4.5 prior to 4.5.085, allows remote malicious users to execute arbitrary code via a long RCPT TO argument.
Zonelabs Zonealarm 4.5
Zonelabs Integrity 4.0
Zonelabs Zonealarm 4.0
NA
CVE-2006-3540
Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, 6.1.737.000, and possibly other versions do not properly validate RegSaveKey, RegRestoreKey, and RegDeleteKey function calls, which allows local users to cause a denial of service (system crash) via a certain co...
Zonelabs Zonealarm Security Suite 6.1.737.000
Zonelabs Zonealarm Security Suite 6.5.722.000
NA
CVE-2000-0339
ZoneAlarm 2.1.10 and previous versions does not filter UDP packets with a source port of 67, which allows remote malicious users to bypass the firewall rules.
Zonelabs Zonealarm
1 EDB exploit
5.5
CVSSv3
CVE-2019-8453
Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local malicious user to replace a DLL file with a malicious one and cause Denial of Service to the client.
Checkpoint Zonealarm
7.1
CVSSv3
CVE-2019-8455
A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.
Checkpoint Zonealarm
NA
CVE-2007-0351
Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privileges of a previous system user, possibly related to user profile unload failure. NOTE: it is not clear whether this is an issue in Windows itself, or a...
Zonelabs Zonealarm
7.8
CVSSv3
CVE-2020-6023
Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.
Checkpoint Zonealarm
7.8
CVSSv3
CVE-2022-23743
Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In addition, weak permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory allow a local attacker the ability to execute an arbitrary file...
Checkpoint Zonealarm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »