CVE-2005-3560 | Vulnerability Database | Aqua Security

Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the Advanced Program Control and OS Firewall filters setting via URLs in HTML Modal Dialogs (window.location.href) contained within JavaScript tags.

Affected Software

Name	Vendor	Start Version	End Version
Zonealarm	Zonelabs	6.0 (including)	6.0 (including)
Zonealarm_anti-spyware	Zonelabs	6.0 (including)	6.0 (including)
Zonealarm_anti-spyware	Zonelabs	6.1 (including)	6.1 (including)
Zonealarm_antivirus	Zonelabs	6.0 (including)	6.0 (including)
Zonealarm_security_suite	Zonelabs	6.0 (including)	6.0 (including)

References

http://secunia.com/advisories/17450
http://securityreason.com/securityalert/155
http://www.osvdb.org/20677
http://www.securityfocus.com/archive/1/415968
http://www.securityfocus.com/bid/15347
https://exchange.xforce.ibmcloud.com/vulnerabilities/22971

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3560
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html