vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro prior to 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zonelabs zonealarm |