CVE

Id
25440  
CVE No.
CVE-2007-2083  
Status
Candidate  
Description
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.  
Phase
Assigned (20070417)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
253851 25440 CVE-2007-2083 BUGTRAQ:20070415 ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability  View
253852 25440 CVE-2007-2083 URL:http://www.securityfocus.com/archive/1/archive/1/465868/100/0/threaded  View
253853 25440 CVE-2007-2083 MISC:http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php  View
253854 25440 CVE-2007-2083 OSVDB:35239  View
253855 25440 CVE-2007-2083 URL:http://osvdb.org/35239  View
253856 25440 CVE-2007-2083 SREASON:2591  View
253857 25440 CVE-2007-2083 URL:http://securityreason.com/securityalert/2591  View
253858 25440 CVE-2007-2083 XF:zonealarm-vsdatant-dos(33664)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
55006 JVNDB-2007-003698 oe2edit CMS の oe2edit.cgi におけるクロスサイトスクリプティングの脆弱性 oe2edit CMS の oe2edit.cgi には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2007-2085 25440 6.8 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003698.html  View