Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zonealarm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-2174
The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm prior to 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses.
Checkpoint Zonealarm
5.5
CVSSv3
CVE-2020-6022
Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware.
Checkpoint Zonealarm
8.8
CVSSv3
CVE-2022-41604
Check Point ZoneAlarm Extreme Security prior to 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junct...
Checkpoint Zonealarm
NA
CVE-2007-2083
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro prior to 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted a...
Zonelabs Zonealarm
1 EDB exploit
7.8
CVSSv3
CVE-2018-8790
Check Point ZoneAlarm version 15.3.064.17729 and below expose a WCF service that can allow a local low privileged user to execute arbitrary code as SYSTEM.
Checkpoint Zonealarm
NA
CVE-2002-1997
ZoneAlarm Pro 3.0 MailSafe allows remote malicious users to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension.
Zonelabs Zonealarm 3.0
NA
CVE-2008-7025
TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe running, allows remote HTTP proxies to cause a denial of service (crash) and disable the HIDS module via a crafted response.
Checkpoint Zonealarm 8.0.020.000
1 EDB exploit
NA
CVE-2000-0220
ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event.
Zonelabs Zonealarm 2.0.26
NA
CVE-2004-2713
Zone Alarm Pro 1.0 up to and including 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissions. NOTE: this issue has been disputed by the vendor, who claims that...
Zonelabs Zonealarm 1.0
NA
CVE-2004-0612
The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote malicious users to bypass the mobile code filtering. NOTE: it has been disputed by the vendor that this behavior is required by the SSL specif...
Zonelabs Zonealarm 5.0.590.015
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »