CVE-2005-3560
CVSS 7.5
Published: 2005-11-16 02:42:00
Last revised: 2008-09-05 16:54:42

[Original] Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags.


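[CNNVD] Zone Labs multiple products "Advanced Program Control and OS Firewall filters" bypass vulnerability (CNNVD-200511-210)

        Zone Labs is a network security product vendor.
        Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags.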

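- CVSS (base score)

CVSS score: 7.5 [Severe (HIGH)]
Confidentiality impact: PARTIAL [information disclosure is likely]
Integrity impact: PARTIAL [system files may be modified]
Availability impact: PARTIAL [may cause performance degradation or interrupt access to resources]
Attack complexity: LOW [no access restrictions on exploitation]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]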

- CPE (affected platforms and products)

cpe:/a:zonelabs:zonealarm_anti-spyware:6.1  Zone Labs ZoneAlarm Anti-Spyware 6.1
cpe:/a:zonelabs:zonealarm_security_suite:6.0  Zone Labs ZoneAlarm Internet Security Suite 6.0
cpe:/a:zonelabs:zonealarm_anti-spyware:6.0  Zone Labs ZoneAlarm Anti-Spyware 6.0
cpe:/a:zonelabs:zonealarm:6.0::pro
cpe:/a:zonelabs:zonealarm_antivirus:6.0  Zone Labs ZoneAlarm Anti-Virus 6.0
cpe:/a:zonelabs:zonealarm:6.0  Zone Labs ZoneAlarm 6.0

- OVAL (technical details for detection)

No related OVAL definitions found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3560
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3560
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200511-210
(Official data source) CNNVD

- Other links and resources

http://xforce.iss.net/xforce/xfdb/22971
(UNKNOWN)  XF  zonealarm-showhtmldialog-obtain-information(22971)
http://www.securityfocus.com/bid/15347
(UNKNOWN)  BID  15347
http://www.securityfocus.com/archive/1/415968
(UNKNOWN)  BUGTRAQ  20051107 Zone Labs Products Advance Program Control and OS Firewall (Behavioral Based) Technology Bypass Vulnerability
http://www.osvdb.org/20677
(UNKNOWN)  OSVDB  20677
http://secunia.com/advisories/17450
(VENDOR_ADVISORY)  SECUNIA  17450
http://securityreason.com/securityalert/155
(UNKNOWN)  SREASON  155

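- Vulnerability information

Zone Labs multiple products "Advanced Program Control and OS Firewall filters" bypass vulnerability
High severity  Design error
2005-11-16 00:00:00 2006-06-12 00:00:00
Local
        Zone Labs is a network security product vendor.
        Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags.

- Advisories and patches

        No data available

- Vulnerability information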

20677
ZoneAlarm ShowHTMLDialog() Outbound Filter Bypass
Local Access Required Information Disclosure
Loss of Confidentiality, Loss of Integrity

- Vulnerability description

Various ZoneAlarm products contain a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a trusted web browser is used to execute the ShowHTMLDialog() function. Malware can then create a modal dialog box to display HTML, and redirect the victim to the attacker's web site.

- Timeline

2005-11-08 2005-10-10
Unknown Unknown

- Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.
