6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
04/17/2007
High
A lack of argument validation was found in ZoneAlarm. By exploiting this vulnerability malicious users can cause denial of service or possibly execute arbitrary code. This vulnerability can be exploited locally via specially designed arguments.
ZoneAlarm Pro versions earlier than 7.0.302.000
Update to latest version
ACE
CVE-2007-20836.9High