PT-2006-2237 · Zonealarm · Zonealarm

Published 2006-03-14 · Updated 2018-10-18 · CVE-2006-1221

CVSS v2.0: 6.2 Medium

Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

ZoneAlarm versions 6.x

Description

The issue is an untrusted search path vulnerability in the TrueVector service (VSMON.exe) of ZoneAlarm. It might allow local users to execute code as SYSTEM by placing malicious DLLs in a folder that has insecure permissions and is searched before ZoneAlarm's folder. Exploitation depends on the existence of a vulnerability in a separate product, such as weak permissions of executables or libraries, or the execution of malicious code.

Recommendations

For ZoneAlarm version 6.x, consider restricting access to folders with insecure permissions to minimize the risk of exploitation. As a temporary workaround, ensure that ZoneAlarm's own folders are searched before other folders specified in a user's PATH, so that malicious DLLs are not loaded from them. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
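One way to check both recommendations on a host, as an added example that is not part of the original advisory or vendor guidance: the script lists PATH directories that principals other than SYSTEM, Administrators and TrustedInstaller can write to, and marks whether each is searched before the product folder. The `$ProductDir` value is a placeholder (the advisory does not give the install path), and auditing the machine PATH by default is an assumption.

```powershell
# Added example (not vendor code): list PATH directories that a non-administrative
# principal can write to, and whether each is searched before the product folder.
param(
    [string]$ProductDir = 'C:\PLACEHOLDER\ZoneAlarm',   # placeholder, path not given on the page
    [ValidateSet('Machine', 'User', 'Process')]
    [string]$Scope = 'Machine'                          # assumption: a service resolves the machine PATH
)

# Access-mask bits that allow planting or replacing a file in a directory:
# WriteData/CreateFiles, AppendData, WRITE_DAC, WRITE_OWNER, GENERIC_ALL, GENERIC_WRITE.
$writeBits = 0x2 -bor 0x4 -bor 0x40000 -bor 0x80000 -bor 0x10000000 -bor 0x40000000

# Principals expected to hold write access: SYSTEM, Administrators, TrustedInstaller.
$trusted = 'S-1-5-18', 'S-1-5-32-544',
           'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'

$product = $ProductDir.TrimEnd('\')
$beforeProduct = $true
$order = 0

foreach ($raw in ([Environment]::GetEnvironmentVariable('Path', $Scope) -split ';')) {
    if ([string]::IsNullOrWhiteSpace($raw)) { continue }
    $dir = [Environment]::ExpandEnvironmentVariables($raw.Trim()).TrimEnd('\')
    $order++
    if ($dir -ieq $product) { $beforeProduct = $false; continue }

    if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
        # A missing PATH entry can be created by whoever may write to its parent.
        [pscustomobject]@{ Order = $order; Directory = $dir; BeforeProduct = $beforeProduct
                           Principal = '(directory missing)'; Rights = $null }
        continue
    }

    $rules = (Get-Acl -LiteralPath $dir).GetAccessRules(
        $true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($ace in $rules) {
        $inheritOnly = [int]$ace.PropagationFlags -band 2   # ACE applies to children only
        if ($ace.AccessControlType -eq 'Allow' -and -not $inheritOnly -and
            ([int]$ace.FileSystemRights -band $writeBits) -and
            $trusted -notcontains $ace.IdentityReference.Value) {
            [pscustomobject]@{ Order = $order; Directory = $dir; BeforeProduct = $beforeProduct
                               Principal = $ace.IdentityReference.Value
                               Rights = $ace.FileSystemRights }
        }
    }
}
```

Rows with `BeforeProduct` set to `True` are the directories whose permissions matter most for this issue; principals are reported as SIDs so the output does not depend on the system language.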


Related Identifiers

CVE-2006-1221

Affected Products

Zonealarm