PT-2006-4415 · Check Point Zone · Zonealarm Internet Security Suite

Published 2006-07-13 · Updated 2018-10-18 · CVE-2006-3540

CVSS v2.0: 4.9 Medium

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Check Point Zone Labs ZoneAlarm Internet Security Suite versions 6.1.737.000, 6.5.722.000

Description

The issue arises from improper validation of function calls, specifically RegSaveKey, RegRestoreKey, and RegDeleteKey, which can be exploited by local users to cause a denial of service, resulting in a system crash. This is achieved through a specific combination of these function calls with an argument related to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VETFDDNT\Enum.

Recommendations

For version 6.1.737.000, consider disabling the RegSaveKey, RegRestoreKey, and RegDeleteKey functions as a temporary workaround until a patch is available. For version 6.5.722.000, restrict access to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VETFDDNT\Enum registry key to minimize the risk of exploitation.

Fix


Related Identifiers

CVE-2006-3540

Affected Products

Zonealarm Internet Security Suite