Denial of Service Vulnerability in Check Point ZoneAlarm 8.0.020.000
CVE-2008-7025

Currently unrated

Key Information:

Vendor
Checkpoint
Status
Zonealarm
Vendor
CVE Published:
21 August 2009

Summary

The TrueVector component in Check Point ZoneAlarm 8.0.020.000, when the vsmon.exe process is active, is vulnerable to denial of service attacks. By utilizing specially crafted HTTP responses, remote proxies can trigger crashes in the system, effectively disabling the Host Intrusion Detection System (HIDS) module, which compromises the software's ability to safeguard against unauthorized access. This vulnerability merits attention from users of ZoneAlarm to ensure system integrity and security.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/45480
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/31431
vdb-entryx_refsource_BID
http://www.securityfocus.com/archive/1/496764/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.