CVE-2007-2174

Severity

72%

Complexity

39%

Confidentiality

165%

The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses.

The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses.

CVSS 2.0 Base Score 7.2. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 17 years ago

2007-04-24 16:19:00

Last updated 6 years ago

2018-10-16 16:42:00

Affected Software

Checkpoint ZoneAlarm

References

20070420 Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability

Vendor Advisory

24986

Patch, Vendor Advisory

20070423 [Reversemode advisory] CheckPoint Zonelabs - ZoneAlarm SRESCAN driver local privilege escalation

23579

1017948

1017953

ADV-2007-1491

zonealarm-srescan-privilege-escalation(33786)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.