Lucene search
MitreCVE-2004-1936HistoryMay 10, 2005 - 4:00 a.m.
CVE-2004-1936
2005-05-1004:00:00
mitre
web.nvd.nist.gov
30
zonealarm
pro
email protection
bypass
non-english
attachment
names
cve-2004-1936
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.009
Percentile
82.5%
ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachments whose names contain certain non-English characters.
Affected configurations
Node
zonelabszonealarmMatch2.4pro
ORzonelabszonealarmMatch2.6pro
ORzonelabszonealarmMatch3.0pro
ORzonelabszonealarmMatch3.1pro
ORzonelabszonealarmMatch4.0plus
ORzonelabszonealarmMatch4.0pro
ORzonelabszonealarmMatch4.5pro
ORzonelabszonealarmMatch4.5.538.001plus
ORzonelabszonealarmMatch4.5.538.001pro
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zonelabs | zonealarm | 2.4 | cpe:2.3:a:zonelabs:zonealarm:2.4:*:pro:*:*:*:*:* |
| zonelabs | zonealarm | 2.6 | cpe:2.3:a:zonelabs:zonealarm:2.6:*:pro:*:*:*:*:* |
| zonelabs | zonealarm | 3.0 | cpe:2.3:a:zonelabs:zonealarm:3.0:*:pro:*:*:*:*:* |
| zonelabs | zonealarm | 3.1 | cpe:2.3:a:zonelabs:zonealarm:3.1:*:pro:*:*:*:*:* |
| zonelabs | zonealarm | 4.0 | cpe:2.3:a:zonelabs:zonealarm:4.0:*:plus:*:*:*:*:* |
| zonelabs | zonealarm | 4.0 | cpe:2.3:a:zonelabs:zonealarm:4.0:*:pro:*:*:*:*:* |
| zonelabs | zonealarm | 4.5 | cpe:2.3:a:zonelabs:zonealarm:4.5:*:pro:*:*:*:*:* |
| zonelabs | zonealarm | 4.5.538.001 | cpe:2.3:a:zonelabs:zonealarm:4.5.538.001:*:plus:*:*:*:*:* |
| zonelabs | zonealarm | 4.5.538.001 | cpe:2.3:a:zonelabs:zonealarm:4.5.538.001:*:pro:*:*:*:*:* |
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.009
Percentile
82.5%
Related for CVE-2004-1936