Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/108029 | |
https://www.zonealarm.com/software/release-history/zafavfw.html#15.4.260.17960 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: checkpoint
Published: 2019-04-17T14:06:40
Updated: 2019-04-23T15:06:11
Reserved: 2019-02-18T00:00:00
Link: CVE-2019-8453
JSON object: View
NVD Information
Status : Modified
Published: 2019-04-17T15:29:01.173
Modified: 2019-04-23T16:29:11.047
Link: CVE-2019-8453
JSON object: View
Redhat Information
No data.