CVE-2005-2932

Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls.

Published: Dec 31, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-2932
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
checkpoint / zonealarm_security_suite	6.5.737	6.5.737.x
checkpoint / zonealarm	-	7.0.337.0.x
checkpoint / zonealarm_security_suite	5.5.062.004	5.5.062.004.x

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584
http://secunia.com/advisories/26513
http://securitytracker.com/id?1018588
http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53
http://www.securityfocus.com/bid/25365
http://www.securityfocus.com/bid/25377
http://www.vupen.com/english/advisories/2007/2929
https://exchange.xforce.ibmcloud.com/vulnerabilities/36110

Vulnerability Database

289,784

CVE-2005-2932