Описание
Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client.
Уязвимые конфигурации
Конфигурация 1Версия до 15.4.062 (включая)
cpe:2.3:a:checkpoint:zonealarm:*:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00034
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-114
CWE-426
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client.
EPSS
Процентиль: 9%
0.00034
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-114
CWE-426