CVE-2007-2083

N/A Unknown
Published: April 18, 2007 Modified: April 23, 2026
View on NVD

Description

vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://osvdb.org/35239
Source: cve@mitre.org
http://securityreason.com/securityalert/2591
Source: cve@mitre.org
http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php
Source: cve@mitre.org
Patch Vendor Advisory
http://www.securityfocus.com/archive/1/465868/100/0/threaded
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/33664
Source: cve@mitre.org
http://osvdb.org/35239
Source: af854a3a-2127-422b-91ae-364da2661108
http://securityreason.com/securityalert/2591
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.matousec.com/info/advisories/ZoneAlarm-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.securityfocus.com/archive/1/465868/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/33664
Source: af854a3a-2127-422b-91ae-364da2661108

10 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.2%
40th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

zonelabs