QwikSec

Security Database

CVE

CWE

Training

CVE-2019-8455

Published: Apr 17, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.

Vendor	Product	Versions
n/a	Check Point ZoneAlarm	affected `up to 15.4.062`

Weaknesses (CWE)

References

https://www.zonealarm.com/software/release-history/zafavfw.html#15.4.260.17960

x_refsource_MISC

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.