The host has ZoneAlarm Internet Security Suite installed, which is prone to buffer overflow vulnerability.
Exploitation could allow attackers to execute arbitrary code on the affected system or cause denial of service. Impact Level : Application
Upgrade to ZoneAlarm Internet Security Suite 9 or later. For updates refer to http://www.zonealarm.com/store/content/dotzone/freeDownloads.jsp
The vulnerability is due to inadequate boundary checks on user-supplied input in multiscan.exe file when performing virus scans on long paths or file names. This can be exploited by tricking into scanning malicious directory or file names.
ZoneAlarm Internet Security Suite 8.x and prior on Windows (All).
- PHP 'apache_request_headers()' Function Buffer Overflow Vulnerability (Windows)
- FileZilla Server Buffer Overflow Vulnerability
- ScriptFTP 'GETLIST' or 'GETFILE' Commands Remote Buffer Overflow Vulnerability
- XnView JPEG2000 Plugin Buffer Overflow Vulnerability (Win)
- Novell Groupwise Client ActiveX Control Buffer Overflow Vulnerability