CVE-2007-2174

Опубликовано: 24 апр. 2007

Источник: nvd

CVSS2: 7.2

EPSS Низкий

Описание

The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses.

Ссылки

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=517
Vendor Advisory
http://secunia.com/advisories/24986
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/466656/100/0/threaded
http://www.securityfocus.com/bid/23579
http://www.securitytracker.com/id?1017948
http://www.securitytracker.com/id?1017953
http://www.vupen.com/english/advisories/2007/1491
https://exchange.xforce.ibmcloud.com/vulnerabilities/33786
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=517
Vendor Advisory
http://secunia.com/advisories/24986
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/466656/100/0/threaded
http://www.securityfocus.com/bid/23579
http://www.securitytracker.com/id?1017948
http://www.securitytracker.com/id?1017953
http://www.vupen.com/english/advisories/2007/1491
https://exchange.xforce.ibmcloud.com/vulnerabilities/33786

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:checkpoint:zonealarm:*:*:*:*:*:*:*:*

Версия до 5.0.63.0 (включая)

EPSS

Процентиль: 21%

0.00069

Низкий

7.2 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-r482-54vx-vgj4

github

почти 4 года назад