CVE-2007-2083 - vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arg

CVE-2007-2083

Summary

vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.

References

Vulnerable Configurations

cpe:2.3:a:zonelabs:zonealarm:*:*:pro:*:*:*:*:*
cpe:2.3:a:zonelabs:zonealarm:*:*:pro:*:*:*:*:*

CVSS

Base:	6.9 (as of 16-10-2018 - 16:41)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:N/C:C/I:C/A:C

refmap via4

bugtraq	20070415 ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability
misc	http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php
osvdb	35239
sreason	2591
xf	zonealarm-vsdatant-dos(33664)

Last major update

16-10-2018 - 16:41

Published

18-04-2007 - 03:19

Last modified

16-10-2018 - 16:41