340 matches found
CVE-2020-6012
ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory with low privileges. A sophisticated timed attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links. This allows an...
CVE-2020-6022
Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware...
CVE-2010-5184
Race condition in ZoneAlarm Extreme Security 9.1.507.000 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...
CVE-2019-8452
A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gain...
CVE-2019-8453
Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client...
CVE-2019-8455
A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file...
CVE-2002-1911
ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service CPU and memory consumption via a large number of SYN packets SYN flood. NOTE: the vendor was not able to reproduce the issue...
Checkpoint ZoneAlarm Driver Flaw Exposes Users to Credential Theft
Credential theft alert! Venak Security discovers a BYOVD attack using .SYS drivers to bypass Windows security. Learn how…...
CVE-2024-6233
Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged...
CVE-2024-6233
Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged...
CVE-2024-6233 Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability
Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged...
CVE-2024-6233 Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability
Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged...
CVE-2024-6233
CVE-2024-6233 affects Check Point ZoneAlarm Extreme Security, with the vulnerability located in the Forensic Recorder service. By creating a symbolic link, an attacker who already has low-privilege code execution can abuse the service to overwrite arbitrary files, enabling privilege escalation to...
Check Point ZoneAlarm Extreme Security 安全漏洞
Check Point ZoneAlarm Extreme Security is a security antivirus from Check Point, Israel. A security vulnerability exists in Check Point ZoneAlarm Extreme Security that stems from improper handling of symbolic links in the Forensic Recorder service, which could allow a local attacker to overwrite...
The vulnerability of the Forensic Recorder service in the software for comprehensive antivirus protection provided by Check Point’s ZoneAlarm Extreme Security allows a hacker to elevate their privileges and execute arbitrary code within the SYSTEM context.
The vulnerability of the Forensic Recorder service in the Check Point ZoneAlarm Extreme Security software lies in the improper handling of symbolic links before accessing a file. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code within the...
Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists with...
CVE-2024-24910
A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target...
CVE-2024-24910
A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target...
CVE-2024-24910 LocalprivilegeescalationinCheckPointZoneAlarmExtremeSecurityNextGen,IdentityAgentforWindows,andIdentityAgentforWindowsTerminalServerviacraftedDLLfile
A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target...
CVE-2024-24910
CVE-2024-24910 describes a local privilege escalation in Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. Affected components arise from incorrect permission handling for a critical resource, enabling a local attacker who ...