CVE-2007-5044

Name of the Vulnerable Software and Affected Versions ZoneAlarm Pro version 7.0.362.000

Description The issue arises from improper validation of certain parameters to System Service Descriptor Table (SSDT) function handlers. This can be exploited by local users to cause a denial of service (crash) and potentially gain privileges. The exploitation is related to the NtCreatePort and NtDeleteFile kernel SSDT hooks.

Recommendations For ZoneAlarm Pro version 7.0.362.000, consider restricting access to the NtCreatePort and NtDeleteFile kernel SSDT hooks as a temporary mitigation measure until a patch is available.