CVE-2019-8453

EPSS 0.3%CWE-114

Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client.

Productos afectados

n/a · Check Point ZoneAlarm

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.zonealarm.com/software/release-history/zafavfw.html#15.4.260.17960 http://www.securityfocus.com/bid/108029