CVE-2007-2174

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Zonealarm
Vendor: CVE Published:; 24 April 2007

Summary

The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses.

References

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

http://secunia.com/advisories/24986

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2007/1491

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Apr 24, 2007
Vulnerability Reserved
Apr 24, 2007