ZoneAlarm Flaw Opens Firewalls To E-mail Attack
By TechWeb News
Zone Labs has alerted users that several versions of its personal firewall products are vulnerable to a buffer overflow attack conducted via e-mail that could leave supposedly-protected systems open to malicious code assaults, the company said.
The affected editions include the 4.0 versions of ZoneAlarm, ZoneAlarm Plus, and ZoneAlarm Pro; ZoneAlarm Pro 4.5; and Zone Labs Integrity Client 4.0 and 4.5.
"If successfully exploited, a skilled attacker could cause the firewall to stop processing traffic, execute arbitrary code, or elevate malicious code's privileges," ZoneAlarm said Wednesday in the alert posted on its Web site.