ZoneAlarm
by ZoneAlarm
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-0682 | Med | 0.36 | 5.5 | 0.00 | Aug 29, 2001 | ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting. | ||
| CVE-2007-5044 | 0.00 | — | 0.00 | Sep 24, 2007 | ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreatePort and (2) NtDeleteFile kernel… | |||
| CVE-2007-2467 | 0.00 | — | 0.00 | May 2, 2007 | ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service (system crash) by sending malformed data to the vsdatant device driver, which causes an invalid memory access. | |||
| CVE-2007-0351 | 0.00 | — | 0.00 | Jan 19, 2007 | Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privileges of a previous system user, possibly related to user profile unload failure. NOTE: it is not clear whether this is an issue in Windows itself, or… | |||
| CVE-2004-1534 | 0.00 | — | 0.02 | Dec 31, 2004 | ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript. | |||
| CVE-2004-1936 | 0.00 | — | 0.02 | Apr 14, 2004 | ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachments whose names contain certain non-English characters. | |||
| CVE-2001-1548 | 0.00 | — | 0.00 | Dec 31, 2001 | ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters. |
- risk 0.36cvss 5.5epss 0.00
ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object which prevents ZoneAlarm from starting.
- CVE-2007-5044Sep 24, 2007risk 0.00cvss —epss 0.00
ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the (1) NtCreatePort and (2) NtDeleteFile kernel…
- CVE-2007-2467May 2, 2007risk 0.00cvss —epss 0.00
ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service (system crash) by sending malformed data to the vsdatant device driver, which causes an invalid memory access.
- CVE-2007-0351Jan 19, 2007risk 0.00cvss —epss 0.00
Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privileges of a previous system user, possibly related to user profile unload failure. NOTE: it is not clear whether this is an issue in Windows itself, or…
- CVE-2004-1534Dec 31, 2004risk 0.00cvss —epss 0.02
ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application instability or system hang) via certain JavaScript.
- CVE-2004-1936Apr 14, 2004risk 0.00cvss —epss 0.02
ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachments whose names contain certain non-English characters.
- CVE-2001-1548Dec 31, 2001risk 0.00cvss —epss 0.00
ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.