Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrary code via email attachments containing a trailing dot after the file extension.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ZoneLabs ZoneAlarm MailSafe扩展名加点可绕过邮件保护功能漏洞
Vulnerability Description
ZoneLabs ZoneAlarm是一款基于PC的Microsoft Windows防火墙,支持多项功能,包括Mailsafe设计用来防止邮件中携带恶意内容或者附件的功能。 ZoneLabs ZoneAlarm在处理特殊扩展名上存在漏洞,可导致攻击者构建特殊扩展名的文件作为附件来绕过Mailsafe的保护。 攻击者可以在文件扩展名后加一个点如malicious.exe.代替malicious.exe来绕过Mailsafe的保护。点可以改变文件扩展名,使MailSafe错误地认为这不是一个危险的文件类型,
CVSS Information
N/A
Vulnerability Type
N/A