Published: 18/04/2007 Updated: 16/10/2018

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

VMScore: 695

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro prior to 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.

Vulnerable Product	Search on Vulmon	Subscribe to Product
zonelabs zonealarm

source: wwwsecurityfocuscom/bid/23494/info ZoneAlarm is prone to a local denial-of-service vulnerability This issue occurs when attackers supply invalid argument values to the 'vsdatantsys' driver A local attacker may exploit this issue to crash affected computers, denying service to legitimate users ZoneAlarm Pro 65737000 and 6 ...

NVD-CWE-Other http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php http://securityreason.com/securityalert/2591 http://osvdb.org/35239 https://exchange.xforce.ibmcloud.com/vulnerabilities/33664 http://www.securityfocus.com/archive/1/465868/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/29860/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-2083

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect