MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Zonealarm | Zonelabs | 2.1 (including) | 2.1 (including) |
| Zonealarm | Zonelabs | 2.2 (including) | 2.2 (including) |
| Zonealarm | Zonelabs | 2.3 (including) | 2.3 (including) |
| Zonealarm | Zonelabs | 2.4 (including) | 2.4 (including) |
| Zonealarm | Zonelabs | 2.5 (including) | 2.5 (including) |
| Zonealarm | Zonelabs | 2.6 (including) | 2.6 (including) |
References
- http://www.securityfocus.com/archive/1/197681
- http://www.securityfocus.com/bid/3055
- http://www.zonelabs.com/products/zap/rel_history.html#2.6.362
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6877
- http://www.securityfocus.com/archive/1/197681
- http://www.securityfocus.com/bid/3055
- http://www.zonelabs.com/products/zap/rel_history.html#2.6.362
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6877