Lucene search

[email protected]NVD:CVE-2006-3540

HistoryJul 13, 2006 - 12:05 a.m.

CVE-2006-3540

2006-07-1300:05:00

[email protected]

web.nvd.nist.gov

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, 6.1.737.000, and possibly other versions do not properly validate RegSaveKey, RegRestoreKey, and RegDeleteKey function calls, which allows local users to cause a denial of service (system crash) via a certain combination of these function calls with an HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VETFDDNT\Enum argument.

Affected configurations

Nvd

Node

zonelabszonealarm_security_suiteMatch6.1.737.000

zonelabszonealarm_security_suiteMatch6.5.722.000

VendorProductVersionCPE
zonelabszonealarm_security_suite6.1.737.000cpe:2.3:a:zonelabs:zonealarm_security_suite:6.1.737.000:*:*:*:*:*:*:*
zonelabszonealarm_security_suite6.5.722.000cpe:2.3:a:zonelabs:zonealarm_security_suite:6.5.722.000:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
zonelabs	zonealarm_security_suite	6.1.737.000	cpe:2.3:a:zonelabs:zonealarm_security_suite:6.1.737.000:::::::*
zonelabs	zonealarm_security_suite	6.5.722.000	cpe:2.3:a:zonelabs:zonealarm_security_suite:6.5.722.000:::::::*

References

www.matousec.com/info/advisories/ZoneAlarm-Insufficient-protection-of-registry-key-VETFDDNT-Enum.php

www.securityfocus.com/archive/1/438970/100/0/threaded

www.securityfocus.com/bid/18789

exchange.xforce.ibmcloud.com/vulnerabilities/27584

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2006-3540

cvelist1 cve1