Subject: [SA13244] ZoneAlarm Advertising Blocking Denial of Service Vulnerability
TITLE: ZoneAlarm Advertising Blocking Denial of Service Vulnerability SECUNIA ADVISORY ID: SA13244 VERIFY ADVISORY: http://secunia.com/advisories/13244/ CRITICAL: Less critical IMPACT: DoS WHERE: >From remote SOFTWARE: ZoneAlarm Security Suite 5.x http://secunia.com/product/4272/ ZoneAlarm Pro 5.x http://secunia.com/product/4280/ ZoneAlarm Pro 4.x http://secunia.com/product/1961/ ZoneAlarm Pro 3.x http://secunia.com/product/1960/ DESCRIPTION: Nicolas Robillard has reported a vulnerability in ZoneAlarm Pro and ZoneAlarm Security Suite, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the Ad-Blocking feature (disabled by default) when processing JavaScript and can be exploited by tricking a user into visiting a malicious web site containing specially crafted JavaScript. Successful exploitation causes the system to become unstable or stop responding completely. SOLUTION: Update to version 5.5.062 or later via the "Check For Update" feature. ORIGINAL ADVISORY: http://download.zonelabs.com/bin/free/securityAlert/18.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/rules.htm Contact list owner <[EMAIL PROTECTED]> Unsubscribing and other changes: http://pcworkers.com =====================================================
