Lucene search

PRIOn knowledge basePRION:CVE-2007-2467

HistoryMay 02, 2007 - 10:19 p.m.

Design/Logic Flaw

2007-05-0222:19:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service (system crash) by sending malformed data to the vsdatant device driver, which causes an invalid memory access.

CPENameOperatorVersion
zonealarmeq6.1.744.1 pro
zonealarmeq6.5.737.0 pro

CPE	Name	Operator	Version
	zonealarm	eq	6.1.744.1 pro
	zonealarm	eq	6.5.737.0 pro

References

osvdb.org/35240

secunia.com/advisories/25064

www.matousec.com/info/advisories/ZoneAlarm-Insufficient-validation-of-vsdatant-driver-input-buffer.php

www.securityfocus.com/archive/1/467269/100/0/threaded

www.securityfocus.com/bid/23734

www.vupen.com/english/advisories/2007/1608

exchange.xforce.ibmcloud.com/vulnerabilities/34028

6.9 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2007-2467