certfr_avis - certa-2007-avi-370

CERTA-2007-AVI-370

Vulnerability from certfr_avis

Deux vulnérabilités dans les produits ZoneLabs permettent une élévation de privilèges.

Description

Deux vulnérabilités ont été découvertes dans les produits ZoneLabs.

Lorsqu'un administrateur installe un produit ZoneLabs de la famille ZoneAlarm, un paramétrage par défaut permet à tout utilisateur de modifier les fichiers installés (référence CVE-2005-2932). Certains de ces fichiers sont exécutés avec les droits system.

Une vulnérabilité a été découverte dans le pilote vsdatant.sys. Cette vulnérabilité permet à un utilisateur local de modifier directement le contenu de certaines zones de la mémoire (référence CVE-2007-4216).

Solution

Mettre à jour en version 7.0.362 (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
ESET	Security	ZoneAlarm Security Suite versions 5.x ;
ESET	N/A	ZoneAlarm Antivirus versions 5.x, 6.x ;
N/A	N/A	ZoneAlarm versions 2.x, 3.x, 4.x, 5.x, 6.x, 7.x ;
N/A	N/A	ZoneAlarm Plus versions 3.x, 4.x ;
ESET	Internet Security	ZoneAlarm Internet Security Suite versions 6.x ;
ESET	Security	ZoneAlarm Wireless Security versions 5.x.
ESET	N/A	ZoneAlarm Pro versions 2.x, 3.x, 4.x, 5.x, 6.x ;
ESET	N/A	ZoneAlarm Anti-Spyware versions 6.x ;

References

Title

Publication Time

Tags

Bulletins de sécurité iDefense du 20 août 2007	None	vendor-advisory
Page de mise à jour de ZoneAlarm :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "ZoneAlarm Security Suite versions 5.x ;",
      "product": {
        "name": "Security",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "ZoneAlarm Antivirus versions 5.x, 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "ZoneAlarm versions 2.x, 3.x, 4.x, 5.x, 6.x, 7.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ZoneAlarm Plus versions 3.x, 4.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ZoneAlarm Internet Security Suite versions 6.x ;",
      "product": {
        "name": "Internet Security",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "ZoneAlarm Wireless Security versions 5.x.",
      "product": {
        "name": "Security",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "ZoneAlarm Pro versions 2.x, 3.x, 4.x, 5.x, 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "ZoneAlarm Anti-Spyware versions 6.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits ZoneLabs.\n\nLorsqu\u0027un administrateur installe un produit ZoneLabs de la famille\nZoneAlarm, un param\u00e9trage par d\u00e9faut permet \u00e0 tout utilisateur de\nmodifier les fichiers install\u00e9s (r\u00e9f\u00e9rence CVE-2005-2932). Certains de\nces fichiers sont ex\u00e9cut\u00e9s avec les droits system.\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le pilote vsdatant.sys. Cette\nvuln\u00e9rabilit\u00e9 permet \u00e0 un utilisateur local de modifier directement le\ncontenu de certaines zones de la m\u00e9moire (r\u00e9f\u00e9rence CVE-2007-4216).\n\n## Solution\n\nMettre \u00e0 jour en version 7.0.362 (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2005-2932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-2932"
    },
    {
      "name": "CVE-2007-4216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4216"
    }
  ],
  "initial_release_date": "2007-08-21T00:00:00",
  "last_revision_date": "2007-08-21T00:00:00",
  "links": [
    {
      "title": "Page de mise \u00e0 jour de ZoneAlarm :",
      "url": "http://www.zonealarm.com/store/content/support/zasc/cfu.jsp?dc=12bms\u0026ctry=FR\u0026lang=fr\u0026lid=db_updates"
    }
  ],
  "reference": "CERTA-2007-AVI-370",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-08-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s dans les produits \u003cspan\nclass=\"textit\"\u003eZoneLabs\u003c/span\u003e permettent une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans les produits ZoneLabs",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 iDefense du 20 ao\u00fbt 2007",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=585"
    }
  ]
}

CVE-2007-4216 (GCVE-0-2007-4216)

Vulnerability from cvelistv5

Published

2007-08-21 17:00

Modified

2024-08-07 14:46

Severity ?

CWE

Summary

vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in a METHOD_NEITHER (1) IOCTL 0x8400000F or (2) IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations.

References

URL

Tags

	http://secunia.com/advisories/26513	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/36107	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2007/2929	vdb-entry, x_refsource_VUPEN
	http://securitytracker.com/id?1018589	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/25365	vdb-entry, x_refsource_BID
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=585	third-party-advisory, x_refsource_IDEFENSE
	http://www.securityfocus.com/bid/25377	vdb-entry, x_refsource_BID
	http://www.securityfocus.com/archive/1/477155/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:46:39.401Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "26513",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26513"
          },
          {
            "name": "zonealarm-vsdatant-privilege-escalation(36107)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36107"
          },
          {
            "name": "ADV-2007-2929",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2929"
          },
          {
            "name": "1018589",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018589"
          },
          {
            "name": "25365",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25365"
          },
          {
            "name": "20070820 Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=585"
          },
          {
            "name": "25377",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25377"
          },
          {
            "name": "20070820 [Reversemode Advisory] CheckPoint ZoneLabs Vsdatant.sys multiple local privilege escalation vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/477155/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=53"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in a METHOD_NEITHER (1) IOCTL 0x8400000F or (2) IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "26513",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26513"
        },
        {
          "name": "zonealarm-vsdatant-privilege-escalation(36107)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36107"
        },
        {
          "name": "ADV-2007-2929",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2929"
        },
        {
          "name": "1018589",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018589"
        },
        {
          "name": "25365",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25365"
        },
        {
          "name": "20070820 Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=585"
        },
        {
          "name": "25377",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25377"
        },
        {
          "name": "20070820 [Reversemode Advisory] CheckPoint ZoneLabs Vsdatant.sys multiple local privilege escalation vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/477155/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=53"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4216",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in a METHOD_NEITHER (1) IOCTL 0x8400000F or (2) IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "26513",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26513"
            },
            {
              "name": "zonealarm-vsdatant-privilege-escalation(36107)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36107"
            },
            {
              "name": "ADV-2007-2929",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2929"
            },
            {
              "name": "1018589",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018589"
            },
            {
              "name": "25365",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25365"
            },
            {
              "name": "20070820 Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=585"
            },
            {
              "name": "25377",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25377"
            },
            {
              "name": "20070820 [Reversemode Advisory] CheckPoint ZoneLabs Vsdatant.sys multiple local privilege escalation vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/477155/100/0/threaded"
            },
            {
              "name": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=53",
              "refsource": "MISC",
              "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=53"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4216",
    "datePublished": "2007-08-21T17:00:00",
    "dateReserved": "2007-08-08T00:00:00",
    "dateUpdated": "2024-08-07T14:46:39.401Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-2932 (GCVE-0-2005-2932)

Vulnerability from cvelistv5

Published

2007-08-21 17:00

Modified

2024-08-07 22:53

Severity ?

CWE

Summary

Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls.

References

URL

Tags

	http://secunia.com/advisories/26513	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/2929	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/36110	vdb-entry, x_refsource_XF
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584	third-party-advisory, x_refsource_IDEFENSE
	http://www.securityfocus.com/bid/25365	vdb-entry, x_refsource_BID
	http://securitytracker.com/id?1018588	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/25377	vdb-entry, x_refsource_BID
	http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:53:29.628Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "26513",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26513"
          },
          {
            "name": "ADV-2007-2929",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2929"
          },
          {
            "name": "zonealarm-acl-privilege-escalation(36110)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36110"
          },
          {
            "name": "20070820 Check Point Zone Labs Multiple Products Privilege Escalation Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584"
          },
          {
            "name": "25365",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25365"
          },
          {
            "name": "1018588",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018588"
          },
          {
            "name": "25377",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25377"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=53"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "26513",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26513"
        },
        {
          "name": "ADV-2007-2929",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2929"
        },
        {
          "name": "zonealarm-acl-privilege-escalation(36110)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36110"
        },
        {
          "name": "20070820 Check Point Zone Labs Multiple Products Privilege Escalation Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584"
        },
        {
          "name": "25365",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25365"
        },
        {
          "name": "1018588",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018588"
        },
        {
          "name": "25377",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25377"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=53"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-2932",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "26513",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26513"
            },
            {
              "name": "ADV-2007-2929",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2929"
            },
            {
              "name": "zonealarm-acl-privilege-escalation(36110)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36110"
            },
            {
              "name": "20070820 Check Point Zone Labs Multiple Products Privilege Escalation Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584"
            },
            {
              "name": "25365",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25365"
            },
            {
              "name": "1018588",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018588"
            },
            {
              "name": "25377",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25377"
            },
            {
              "name": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=53",
              "refsource": "MISC",
              "url": "http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=53"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-2932",
    "datePublished": "2007-08-21T17:00:00",
    "dateReserved": "2005-09-15T00:00:00",
    "dateUpdated": "2024-08-07T22:53:29.628Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CERTA-2007-AVI-370

Vulnerability from certfr_avis

Description

Solution

CVE-2007-4216 (GCVE-0-2007-4216)

Vulnerability from cvelistv5

CVE-2005-2932 (GCVE-0-2005-2932)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature