The host has ZoneAlarm Internet Security Suite installed, which is prone to buffer overflow vulnerability.
Exploitation could allow attackers to execute arbitrary code on the affected system or cause denial of service. Impact Level : Application
Upgrade to ZoneAlarm Internet Security Suite 9 or later. For updates refer to http://www.zonealarm.com/store/content/dotzone/freeDownloads.jsp
The vulnerability is due to inadequate boundary checks on user-supplied input in multiscan.exe file when performing virus scans on long paths or file names. This can be exploited by tricking into scanning malicious directory or file names.
ZoneAlarm Internet Security Suite 8.x and prior on Windows (All).
- Novell Groupwise Client ActiveX Control Buffer Overflow Vulnerability
- ICQ 'ICQToolBar.dll' Buffer Overflow Vulnerability
- VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Linux)
- NTP 'ntpd' Autokey Stack Overflow Vulnerability
- Ziproxy Image Parsing Multiple Integer Overflow Vulnerabilities