返回 CVE 瀏覽器

CVE-2005-3560

HIGH

7.5

CVSS Severity Score

EPSS Score0.1320%

EPSS Percentile25.14th

Published2005年11月16日

Last Modified2026年4月16日

Vulnerability Description

Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags.

Affected Platforms (CPE)

📦

Zonelabs

Zonealarm

= 6.0

📦

Zonelabs

Zonealarm

= 6.0

📦

Zonelabs

Zonealarm Anti Spyware

= 6.0

📦

Zonelabs

Zonealarm Anti Spyware

= 6.1

📦

Zonelabs

Zonealarm Antivirus

= 6.0

📦

Zonelabs

Zonealarm Security Suite

= 6.0

References & Advisories

🔗 http://secunia.com/advisories/17450

🔗 http://securityreason.com/securityalert/155

🔗 http://www.osvdb.org/20677

🔗 http://www.securityfocus.com/archive/1/415968

🔗 http://www.securityfocus.com/bid/15347

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/22971

🔗 http://secunia.com/advisories/17450

🔗 http://securityreason.com/securityalert/155

相關漏洞威脅

CVE-2004-030910.0

Stack-based buffer overflow in the SMTP service support in vsmon.exe in Zone Labs ZoneAlarm before 4.5.538.001, ZoneLabs Integrity...

CVE-2005-169310.0

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, e...

CVE-2003-130910.0

The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and P...

CVE-2020-60138.8

ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to ...