Executive Summary

Informations
NameCVE-2019-8453First vendor Publication2019-04-17
VendorCveLast vendor Modification2019-04-23

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score2.1Attack RangeLocal
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8453

CWE : Common Weakness Enumeration

%idName
100 %CWE-426Untrusted Search Path

CPE : Common Platform Enumeration

TypeDescriptionCount
Application7

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/108029
MISC https://www.zonealarm.com/software/release-history/zafavfw.html#15.4.260.17960

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2019-04-23 21:19:22
  • Multiple Updates
2019-04-18 17:19:25
  • Multiple Updates
2019-04-17 21:19:25
  • First insertion