Lucene search

[email protected]CVE-2007-0351

HistoryJan 19, 2007 - 1:28 a.m.

CVE-2007-0351

2007-01-1901:28:00

[email protected]

web.nvd.nist.gov

cve-2007-0351

microsoft windows

windows xp

windows server 2003

privilege escalation

user logoff

zonealarm

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privileges of a previous system user, possibly related to user profile unload failure. NOTE: it is not clear whether this is an issue in Windows itself, or an interaction with another product. The issue might involve ZoneAlarm not being able to terminate processes when it cannot prompt the user.

Affected configurations

NVD

Node

microsoftwindows_2003_serverMatchr2

microsoftwindows_xpsp2tablet_pc

AND

zonelabszonealarm

CPENameOperatorVersion
zonelabs:zonealarmzonelabs zonealarmeq*

CPE	Name	Operator	Version
zonelabs:zonealarm	zonelabs zonealarm	eq	*

References

www.securityfocus.com/archive/1/457167/100/0/threaded

www.securityfocus.com/archive/1/457217/100/0/threaded

www.securityfocus.com/archive/1/457340/100/0/threaded

www.securityfocus.com/archive/1/457807/100/200/threaded

www.securityfocus.com/archive/1/459838/100/0/threaded

6.2 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2007-0351

prion1 cvelist1 nvd1