PT-2005-4349 · Zonealarm · Zonealarm Pro+4

Debasis Mohanty +1 · Published 2005-11-16 · Updated 2017-07-11 · CVE-2005-3560

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

ZoneAlarm Pro version 6.0
ZoneAlarm Internet Security Suite version 6.0
ZoneAlarm Anti-Virus version 6.0
ZoneAlarm Anti-Spyware versions 6.0 through 6.1
ZoneAlarm version 6.0

Description

The issue allows remote attackers to bypass the Advanced Program Control and OS Firewall filters setting. This can be achieved via URLs in HTML Modal Dialogs, specifically through the window.location.href property contained within JavaScript tags.

Recommendations

For ZoneAlarm Pro version 6.0, update to a version that addresses this issue.
For ZoneAlarm Internet Security Suite version 6.0, update to a version that addresses this issue.
For ZoneAlarm Anti-Virus version 6.0, update to a version that addresses this issue.
For ZoneAlarm Anti-Spyware versions 6.0 through 6.1, update to a version that addresses this issue.
For ZoneAlarm version 6.0, update to a version that addresses this issue.
As a temporary workaround, consider restricting the use of JavaScript tags until a patch is available.


Related Identifiers

CVE-2005-3560

Affected Products

Zonealarm
Zonealarm Anti-Spyware
Zonealarm Antivirus
Zonealarm Internet Security Suite
Zonealarm Pro