ZoneAlarm Insufficient protection of registry key 'VETFDDNT\Enum' Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: ZoneAlarm Insufficient protection of registry key 'VETFDDNT\Enum' Vulnerability
From: David Matousek <david@xxxxxxxxxxxx>
Date: Mon, 03 Jul 2006 18:54:54 +0200
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Organization: matousec.com
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8.0.1) Gecko/20060130 SeaMonkey/1.0

ZoneAlarm insufficiently checks calling standard Windows API functions 
RegSaveKey, RegRestoreKey and RegDeleteKey.

The whole advisory with more details is available here
http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-protection-of-registry-key-VETFDDNT-Enum.php

Regards,

--
David Matousek

Founder and Chief Representative of matousec.com

Prev by Date: [ GLSA 200607-01 ] mpg123: Heap overflow
Next by Date: TBE 4.0 XSS
Previous by thread: [ GLSA 200607-01 ] mpg123: Heap overflow
Next by thread: TBE 4.0 XSS
Index(es):
- Date
- Thread