CVE-2007-2467

Published: May 2, 2007Modified: Apr 23, 2026

4.9

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 3.9 / Impact: 6.9

Source: NVD

Description

ZoneAlarm Pro 6.5.737.000, 6.1.744.001, and possibly earlier versions and other products, allows local users to cause a denial of service (system crash) by sending malformed data to the vsdatant device driver, which causes an invalid memory access.

Affected (2)

Products: Zonelabs: Zonealarm

Zonelabs

1 product

Zonealarm

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Zonelabs Zonealarm	Version 6.1.744.001
Zonelabs Zonealarm	Version 6.5.737.000

References (14)

http://osvdb.org/35240

Source: cve@mitre.org

http://secunia.com/advisories/25064

Source: cve@mitre.org

Vendor Advisory

http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-validation-of-vsdatant-driver-input-buffer.php

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/467269/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/23734

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/1608

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/34028

Source: cve@mitre.org

http://osvdb.org/35240