Checkpoint: >> Zonealarm >> 5.0.63.0 Security Vulnerabilities
The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses.
CVSS Score
7.2
EPSS Score
0.001
Published
2007-04-24
Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls.
CVSS Score
7.2
EPSS Score
0.0
Published
2005-12-31
Page 2