Name of the Vulnerable Software and Affected Versions:

Zone Alarm Pro versions 1.0 through 5.1

Description:

The issue allows local users to cause a denial of service by modifying the folder contents or permissions of the %windir%Internet Logs* directory, which is accessible to the EVERYONE group. This gives full access to the directory, potentially disrupting system functionality. Note that the vendor has disputed this issue, claiming it does not affect product functionality since the same information is also saved in a protected file.

Recommendations:

For Zone Alarm Pro versions 1.0 through 5.1, consider restricting access to the %windir%Internet Logs* directory to prevent local users from modifying its contents or permissions, which could cause a denial of service.