Vulnerability Description
vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Checkpoint | Check Point Integrity Client | <= 5.1.556.166 |
| Zonelabs | Zonealarm | 5.5.062.011 |
| Zonelabs | Zonealarm Wireless Security | <= 5.5.080.000 |
References
- http://download.zonelabs.com/bin/free/securityAlert/19.htmlPatchVendor Advisory
- http://secunia.com/advisories/14256
- http://www.idefense.com/application/poi/display?id=199&type=vulnerabilitiesPatchVendor Advisory
- http://www.securityfocus.com/bid/12531
- http://download.zonelabs.com/bin/free/securityAlert/19.htmlPatchVendor Advisory
- http://secunia.com/advisories/14256
- http://www.idefense.com/application/poi/display?id=199&type=vulnerabilitiesPatchVendor Advisory
- http://www.securityfocus.com/bid/12531
FAQ
What is CVE-2005-0114?
CVE-2005-0114 is a vulnerability with a CVSS score of 2.1 (LOW). vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that...
How severe is CVE-2005-0114?
CVE-2005-0114 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0114?
Check the references section above for vendor advisories and patch information. Affected products include: Checkpoint Check Point Integrity Client, Zonelabs Zonealarm, Zonelabs Zonealarm Wireless Security.