Back to search
CVE-2004-2713
Published: Oct 6, 2007
Modified: Aug 8, 2024
PUBLISHED
Description
Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissions. NOTE: this issue has been disputed by the vendor, who claims that it does not affect product functionality since the same information is also saved in a protected file
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20040825 Check Point - Zone Labs Division - Response to "Weak Default Permissions Vulnerability"
mailing-list
x_refsource_BUGTRAQ
20040820 Re: Unsecure file permission of ZoneAlarm pro.
mailing-list
x_refsource_FULLDISC
zonealarm-insecure-file-permission(17099)
vdb-entry
x_refsource_XF
20040821 Re: Unsecure file permission of ZoneAlarm pro.
mailing-list
x_refsource_FULLDISC
9761
vdb-entry
x_refsource_OSVDB
20040819 Unsecure file permission of ZoneAlarm pro.
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now