Local Code Execution Vulnerability in Check Point ZoneAlarm Spyware Removal Engine
CVE-2007-2174

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Zonealarm
Vendor: CVE Published:; 24 April 2007

Summary

The IOCTL handling in the srescan.sys component of the Check Point ZoneAlarm Spyware Removal Engine before version 5.0.156.0 permits local users to gain unauthorized access and execute arbitrary code by manipulating specific IOCTL lrp parameter addresses. This vulnerability can be exploited to escalate privileges, potentially allowing an attacker to bypass normal security measures and take control of the system.

References

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

http://secunia.com/advisories/24986

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2007/1491

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Apr 24, 2007
Vulnerability Reserved
Apr 24, 2007