Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Zonealarm | Checkpoint | * | 7.0.337.0 (including) |
| Zonealarm_security_suite | Checkpoint | 5.5.062.004 (including) | 5.5.062.004 (including) |
| Zonealarm_security_suite | Checkpoint | 6.5.737 (including) | 6.5.737 (including) |
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584
- http://secunia.com/advisories/26513
- http://securitytracker.com/id?1018588
- http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=53
- http://www.securityfocus.com/bid/25365
- http://www.securityfocus.com/bid/25377
- http://www.vupen.com/english/advisories/2007/2929
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36110
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584
- http://secunia.com/advisories/26513
- http://securitytracker.com/id?1018588
- http://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=53
- http://www.securityfocus.com/bid/25365
- http://www.securityfocus.com/bid/25377
- http://www.vupen.com/english/advisories/2007/2929
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36110