Every CVE whose affected-product data names Zonelabs Zonealarm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2004-0309 — CVSS 10.0 (critical): Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity client…
CVE-2003-1309 — CVSS 10.0 (critical): The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus…
CVE-2005-1693 — CVSS 10.0 (critical): Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust…
CVE-2004-1936 — CVSS 7.5 (high): ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail protection via attachments whose names…
CVE-2005-3560 — CVSS 7.5 (high): Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0…
CVE-2002-1997 — CVSS 7.5 (high): ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing…
CVE-2000-0339 — CVSS 7.5 (high): ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall…
CVE-2007-5044 — CVSS 6.9 (medium): ZoneAlarm Pro 7.0.362.000 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which…
CVE-2007-2083 — CVSS 6.9 (medium): vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked…
CVE-2007-0351 — CVSS 6.2 (medium): Microsoft Windows XP and Windows Server 2003 do not properly handle user logoff, which might allow local users to gain the privileges of a…
CVE-2001-0682 — CVSS 5.5 (medium): ZoneAlarm and ZoneAlarm Pro allows a local attacker to cause a denial of service by running a trojan to initialize a ZoneAlarm mutex object…
CVE-2004-0612 — CVSS 5.1 (medium): The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote…
CVE-2004-1534 — CVSS 5.0 (medium): ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cause a denial of service (application…
CVE-2001-1373 — CVSS 5.0 (medium): MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names…
CVE-2002-1911 — CVSS 5.0 (medium): ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service (CPU and memory…
CVE-2000-0220 — CVSS 5.0 (medium): ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an…
CVE-2007-2467 — CVSS 4.9 (medium): ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service…
CVE-2005-0114 — CVSS 2.1 (low): vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before…
CVE-2001-1548 — CVSS 2.1 (low): ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with…
CVE-2004-2713 — CVSS 1.9 (low): Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\Internet Logs\* to the EVERYONE group, which allows local users to cause a…