CVE-2005-3560

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2005-3560
Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/17450 Vendor Advisory
http://securityreason.com/securityalert/155
http://www.osvdb.org/20677
http://www.securityfocus.com/archive/1/415968
http://www.securityfocus.com/bid/15347 Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/22971
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zonelabs:zonealarm:6.0:*:*:*:*:*:*:*
cpe:2.3:a:zonelabs:zonealarm:6.0:*:pro:*:*:*:*:*
cpe:2.3:a:zonelabs:zonealarm_anti-spyware:6.0:*:*:*:*:*:*:*
cpe:2.3:a:zonelabs:zonealarm_anti-spyware:6.1:*:*:*:*:*:*:*
cpe:2.3:a:zonelabs:zonealarm_antivirus:6.0:*:*:*:*:*:*:*
cpe:2.3:a:zonelabs:zonealarm_security_suite:6.0:*:*:*:*:*:*:*
History

No history.

Information

Published : 2005-11-16 07:42

Updated : 2023-12-10 10:28

NVD link : CVE-2005-3560

Mitre link : CVE-2005-3560

CVE.ORG link : CVE-2005-3560

JSON object : View

Products Affected

zonelabs

  • zonealarm_anti-spyware
  • zonealarm_antivirus
  • zonealarm_security_suite
  • zonealarm
CWE
NVD-CWE-Other