CVE-2006-3540

Published: Jul 13, 2006Modified: Apr 16, 2026

4.9

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 3.9 / Impact: 6.9

Source: NVD

Description

Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000, 6.1.737.000, and possibly other versions do not properly validate RegSaveKey, RegRestoreKey, and RegDeleteKey function calls, which allows local users to cause a denial of service (system crash) via a certain combination of these function calls with an HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VETFDDNT\Enum argument.

Affected (2)

Products: Zonelabs: Zonealarm Security Suite

1 product

Zonealarm Security Suite

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Zonelabs Zonealarm Security Suite	Version 6.1.737.000
Zonelabs Zonealarm Security Suite	Version 6.5.722.000

References (8)

http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-protection-of-registry-key-VETFDDNT-Enum.php

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/438970/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/18789

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/27584

Source: cve@mitre.org

http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-protection-of-registry-key-VETFDDNT-Enum.php

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/archive/1/438970/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/18789

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/27584

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.