Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Check Point ZoneAlarm Pro 安全绕过漏洞
Vulnerability Description
Check Point ZoneAlarm Pro 6.5.737.000之前版本没有为NT kernel 5.0中的Microsoft Windows API函数的进程标示符进行正确的等值测试,这使得本地用户可以借助一个畸形的标示符,调用这些函数和绕过防火墙规则或获得特权。
CVSS Information
N/A
Vulnerability Type
N/A