zonealarm · threatengine.sh

CVE-2022-41604

< 15.8.211.19229

Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of wea

8.8HIGH

CVE-2022-23743

< 15.8.211.192119

Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In add

7.8HIGH

CVE-2020-6023

< 15.8.139.18543

Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Rans

7.8HIGH

CVE-2020-6022

< 15.8.139.18543

Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-R

5.5MEDIUM

CVE-2019-8452

<= 15.4.062

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Wind

7.8HIGH

CVE-2019-8455

<= 15.4.062

A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission ch

7.1HIGH

CVE-2019-8453

<= 15.4.062

Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions.

5.5MEDIUM

CVE-2018-8790

<= 15.3.064.17729

Check Point ZoneAlarm version 15.3.064.17729 and below expose a WCF service that can allow a local low privileged user to execute

7.8HIGH

CVE-2008-7025

all versions

TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe running, allows remote HTTP proxies to cause a denial of service (

CVE-2008-7009

all versions

Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 allows local users to execute

CVE-2007-5044

all versions

ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handler

CVE-2007-4216

<= 7.0.337.0

vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Inter

CVE-2007-2730

<= 6.1.744.001

Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process identifiers for certain Microsoft W

CVE-2007-2467

all versions

ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of

CVE-2007-2174

<= 5.0.63.0

The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows l

CVE-2007-2083

<= 6.5.714.000

vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to

CVE-2007-0351

all versions

Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privile

CVE-2005-2932

<= 7.0.337.0

Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use

CVE-2005-3560

all versions

Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spywa

CVE-2005-1693

all versions

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, e

CVE-2005-0114

all versions

vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x bef

CVE-2004-2713

all versions

Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to ca

CVE-2004-1534

all versions

ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (applic

CVE-2004-0612

all versions

The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow

CVE-2004-0309

all versions

Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity

CVE-2004-1936

all versions

ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachments whose na

CVE-2003-1309

all versions

The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and P

CVE-2002-1997

all versions

ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments c

CVE-2002-1911

all versions

ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and mem

CVE-2001-1548

all versions

ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets create

CVE-2001-0682

all versions

ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mut

5.5MEDIUM

CVE-2001-1373

all versions

MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file

CVE-2000-0339

<= 2.2.10

ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the fir

CVE-2000-0220

all versions

ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information

zonelabs zonealarm