CVE-2007-2174

EPSS 0.07%
Published 24.04.2007 16:19:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses.

Affected products Warnungen 0 Metrics 2 CWE 0 References 11

Data is provided by the National Vulnerability Database (NVD)

Checkpoint ≫ Zonealarm Version <= 5.0.63.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.07%	0.174

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=517

Vendor Advisory

http://secunia.com/advisories/24986

Patch

Vendor Advisory

http://www.securityfocus.com/archive/1/466656/100/0/threaded

http://www.securityfocus.com/bid/23579

http://www.securitytracker.com/id?1017948

http://www.securitytracker.com/id?1017953

http://www.vupen.com/english/advisories/2007/1491

https://exchange.xforce.ibmcloud.com/vulnerabilities/33786

https://nvd.nist.gov/vuln/detail/CVE-2007-2174

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-2174

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-2174

EUVD