CVE		CVE-2007-2083
Статус		Candidate
Описание		vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.
Важность		Medium
CVSS score		5,6
CVSS vector		(AV:L/AC:H/Au:NR/C:C/I:C/A:C/B:N)
Phase		Assigned (17.04.2007)
NVD:		http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2083
References		BUGTRAQ : 20070415 ZoneAlarm Multiple insufficient argument validation of hooked SSDT function Vulnerability
		MISC : http://www.matousec.com/info/advisories/ZoneAlarm-...
		XF : zonealarm-vsdatant-dos(33664)
SecurityVulns:		Многочисленные уязвимости в ZoneAlarm (multiple bugs)