CyberSec.Space Logo
Back to CVE Browser

CVE-2005-3560

HIGH
7.5
CVSS Severity Score
EPSS Score0.1320%
EPSS Percentile25.14th
PublishedNov 16, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags.

Affected Platforms (CPE)

πŸ“¦
Zonelabs

Zonealarm

= 6.0
πŸ“¦
Zonelabs

Zonealarm

= 6.0
πŸ“¦
Zonelabs

Zonealarm Anti Spyware

= 6.0
πŸ“¦
Zonelabs

Zonealarm Anti Spyware

= 6.1
πŸ“¦
Zonelabs

Zonealarm Antivirus

= 6.0
πŸ“¦
Zonelabs

Zonealarm Security Suite

= 6.0

References & Advisories

πŸ”— http://secunia.com/advisories/17450
πŸ”— http://securityreason.com/securityalert/155
πŸ”— http://www.osvdb.org/20677
πŸ”— http://www.securityfocus.com/archive/1/415968
πŸ”— http://www.securityfocus.com/bid/15347
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/22971
πŸ”— http://secunia.com/advisories/17450
πŸ”— http://securityreason.com/securityalert/155

Related Vulnerabilities

CVE-2004-030910.0

Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity...

CVE-2005-169310.0

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, e...

CVE-2003-130910.0

The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and P...

CVE-2020-60138.8

ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to ...