Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory with low privileges. A sophisticated timed attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links. This allows an unprivileged user to enable escalation of privilege via local access.
CVSS Information
N/A
Vulnerability Type
在文件访问前对链接解析不恰当(链接跟随)
Vulnerability Title
Check Point Software Technologies ZoneAlarm Anti-Ransomware 后置链接漏洞
Vulnerability Description
Check Point Software Technologies ZoneAlarm Anti-Ransomware是美国Check Point Software Technologies公司的一套反勒索软件。 Check Point Software Technologies ZoneAlarm Anti-Ransomware 1.0.713之前版本中存在后置链接漏洞,该漏洞源于程序从低权限的目录中复制文件。攻击者可利用该漏洞使用恶意内容或带有链接的内容替换掉要复制的文件。
CVSS Information
N/A
Vulnerability Type
N/A