CVE-2007-2083

Zonelabs Zonealarm < 6.5.714.000 - Denial of Service

Title source: rule

Description

vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Matousec Transparent security · cdoswindows

https://www.exploit-db.com/exploits/29860

View Code ZIP pw:eip

References (5)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/465868/100/0/threaded

[Third Party Advisory] http://securityreason.com/securityalert/2591

[Patch, Vendor Advisory] http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/33664

[Third Party Advisory, VDB Entry] http://osvdb.org/35239

Scores

EPSS 0.0019

EPSS Percentile 40.0%

Details

Status published

Products (1)

zonelabs/zonealarm < 6.5.714.000

Published Apr 18, 2007

Tracked Since Feb 18, 2026