CVE-2005-3560
Summary
| CVE | CVE-2005-3560 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2005-11-16 07:42:00 UTC |
| Updated | 2017-07-11 01:33:00 UTC |
| Description | Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Zonelabs | Zonealarm | 6.0 | All | All | All |
| Application | Zonelabs | Zonealarm | 6.0 | All | pro | All |
| Application | Zonelabs | Zonealarm | 6.0 | All | All | All |
| Application | Zonelabs | Zonealarm | 6.0 | All | pro | All |
| Application | Zonelabs | Zonealarm Anti-spyware | 6.0 | All | All | All |
| Application | Zonelabs | Zonealarm Anti-spyware | 6.1 | All | All | All |
| Application | Zonelabs | Zonealarm Anti-spyware | 6.0 | All | All | All |
| Application | Zonelabs | Zonealarm Anti-spyware | 6.1 | All | All | All |
| Application | Zonelabs | Zonealarm Antivirus | 6.0 | All | All | All |
| Application | Zonelabs | Zonealarm Antivirus | 6.0 | All | All | All |
| Application | Zonelabs | Zonealarm Security Suite | 6.0 | All | All | All |
| Application | Zonelabs | Zonealarm Security Suite | 6.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| 20677 | OSVDB | www.osvdb.org | |
| Zone Labs Zone Alarm Advance Program Control Bypass Weakness | BID | www.securityfocus.com | Exploit |
| Zone Labs Products Advance Program Control and OS Firewall (Behavioral Based) Technology Bypass Vulnerability - CXSecurity.com | SREASON | securityreason.com | |
| Secunia - Advisories - ZoneAlarm Personal Firewall Program Control Feature Bypass | SECUNIA | secunia.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.