CVE-2007-2174

Published: Apr 24, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20070420 Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability

third-party-advisory

x_refsource_IDEFENSE

24986

third-party-advisory

x_refsource_SECUNIA

ADV-2007-1491

vdb-entry

x_refsource_VUPEN

1017953

vdb-entry

x_refsource_SECTRACK

23579

vdb-entry

x_refsource_BID

20070423 [Reversemode advisory] CheckPoint Zonelabs - ZoneAlarm SRESCAN driver local privilege escalation

mailing-list

x_refsource_BUGTRAQ

zonealarm-srescan-privilege-escalation(33786)

vdb-entry

x_refsource_XF

1017948

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-2174

Description

Affected Products

References