Title: Zone Labs ZoneAlarm Registry Key Local Denial Of Service Vulnerability
Severity: MODERATE
Description:
Zone Labs ZoneAlarm Internet Security Suite is a security software package for the Microsoft Windows platform.
ZoneAlarm is prone to a denial-of-service vulnerability because it fails to properly handle exceptional conditions.
The problem occurs because the application fails to properly verify the data stored in the registry key 'HKLM\SYSTEM\CurrentControlSet\Services\VETFDDNT\Enum'. A local attacker may be able to modify this key via the Windows API functions 'RegSaveKey', 'RegRestoreKey', and 'RegDeleteKey'. A sufficient modification may consist of a different value or possibly different security settings on the key. The application driver then uses the erroneous data, and the system crashes.
A local attacker can exploit this issue to cause the system to crash, effectively denying service.
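For defenders, the following PowerShell check lists which accounts hold write-capable rights on the key named above. It is an added example, not part of the original advisory or vendor guidance; the function name `Get-RegistryKeyWriter` and the list of trusted principals are assumptions to adjust for the host being audited.

```powershell
# Added example (not from the advisory): report non-trusted principals that
# can change the values, subkeys, or security settings of a registry key.
function Get-RegistryKeyWriter {
    param(
        [string]$Path = 'HKLM:\SYSTEM\CurrentControlSet\Services\VETFDDNT\Enum',
        # Assumption: only these principals are expected to hold write access.
        [string[]]$Trusted = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators')
    )

    if (-not (Test-Path -Path $Path)) {
        Write-Warning "Key not present: $Path"
        return
    }

    # Specific rights that permit modification, plus the generic
    # GENERIC_ALL (0x10000000) and GENERIC_WRITE (0x40000000) access bits,
    # which can appear on inheritable ACEs.
    $specific = [System.Security.AccessControl.RegistryRights]'SetValue, CreateSubKey, Delete, ChangePermissions, TakeOwnership'
    $mask = ([int]$specific) -bor 0x10000000 -bor 0x40000000

    $acl = Get-Acl -Path $Path

    # Flag an owner outside the trusted list: an owner can rewrite the DACL.
    if ($Trusted -notcontains $acl.Owner) {
        [pscustomobject]@{
            Identity = $acl.Owner
            Rights   = 'Owner'
            Inherited = $false
        }
    }

    foreach ($rule in $acl.Access) {
        if ($rule.AccessControlType -ne 'Allow') { continue }
        if ((([int]$rule.RegistryRights) -band $mask) -eq 0) { continue }
        if ($Trusted -contains $rule.IdentityReference.Value) { continue }
        [pscustomobject]@{
            Identity  = $rule.IdentityReference.Value
            Rights    = $rule.RegistryRights
            Inherited = $rule.IsInherited
        }
    }
}

# Run in an elevated session; an empty result means no unexpected writers.
Get-RegistryKeyWriter | Format-Table -AutoSize
```

The check covers access granted by the key's ACL only; 'RegSaveKey' and 'RegRestoreKey' depend on the backup and restore privileges, so accounts holding those privileges should be reviewed separately.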
Affected Products:
- Zone Labs ZoneAlarm Security Suite 6.1.737
- Zone Labs ZoneAlarm Security Suite 6.5.722
References:
- David Matousek: ZoneAlarm Insufficient protection of registry key 'VETFDDNT\Enum' Vulnerability
- Zone Labs: Zone Labs Homepage