CVE-2004-2713

Zone Alarm Pro 1.0 through 5.1 gives full access to %windir%\Internet Logs* to the EVERYONE group, which allows local users to cause a denial of service by modifying the folder contents or permissions. NOTE: this issue has been disputed by the vendor, who claims that it does not affect product functionality since the same information is also saved in a protected file

Published: Dec 31, 2004
Updated: Nov 8, 2023
CVE: CVE-2004-2713
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 1.9
AV:L/AC:M/Au:N/C:N/I:N/A:P

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
zonelabs / zonealarm	1.0	1.0.x

http://archives.neohapsis.com/archives/bugtraq/2004-08/0389.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0871.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0883.html
http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0933.html
http://www.osvdb.org/9761
https://exchange.xforce.ibmcloud.com/vulnerabilities/17099

Vulnerability Database

289,697

CVE-2004-2713