CVE-2007-2174

Name of the Vulnerable Software and Affected Versions Check Point ZoneAlarm versions prior to 5.0.156.0

Description The issue concerns the IOCTL handling in srescan.sys within the ZoneAlarm Spyware Removal Engine (SRE), allowing local users to execute arbitrary code via certain IOCTL lrp parameter addresses.

Recommendations For versions prior to 5.0.156.0, update to version 5.0.156.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the srescan.sys driver to minimize the risk of exploitation.