CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
93.4%
Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the “Advanced Program Control and OS Firewall filters” setting via URLs in “HTML Modal Dialogs” (window.location.href) contained within JavaScript tags.
Vendor | Product | Version | CPE |
---|---|---|---|
zonelabs | zonealarm | 6.0 | cpe:2.3:a:zonelabs:zonealarm:6.0:*:*:*:*:*:*:* |
zonelabs | zonealarm | 6.0 | cpe:2.3:a:zonelabs:zonealarm:6.0:*:pro:*:*:*:*:* |
zonelabs | zonealarm_anti-spyware | 6.0 | cpe:2.3:a:zonelabs:zonealarm_anti-spyware:6.0:*:*:*:*:*:*:* |
zonelabs | zonealarm_anti-spyware | 6.1 | cpe:2.3:a:zonelabs:zonealarm_anti-spyware:6.1:*:*:*:*:*:*:* |
zonelabs | zonealarm_antivirus | 6.0 | cpe:2.3:a:zonelabs:zonealarm_antivirus:6.0:*:*:*:*:*:*:* |
zonelabs | zonealarm_security_suite | 6.0 | cpe:2.3:a:zonelabs:zonealarm_security_suite:6.0:*:*:*:*:*:*:* |