Just read this on another security forum (see link below):http://msmvps.com/donna/archive/2005....aspx#FeedBackZone Labs ShowHTMLDialog Bypassing VulnerabilityPosted on Monday, December 05, 2005 7:46 AM
"Zone Alarm Pro and Internet Security Suite are firewall programs for Microsoft Windows."
By exploiting Zone Lab's trust in certain web based programs, malicious programs can bypass Zone Alarm Pro and Internet Security Suite protection and send information about the system to attackers.
* Zone Alarm Pro version 6.0.x
* Zone Alarm Internet Security Suit version 6.0.x
* Zone Alarm Firewall with Anti-Spyware version 6.1.x
* Zone Alarm Firewall with Anti-Virus version 6.0.x
* Zone Alarm Firewall (Free Version) version 6.0.x
SecuriteamFeedback#<A target=_blank></A>ZoneAlarm piggyback vulnerability <A target=_blank></A>12/5/2005 12:45 PM by Iggy Uncensored
I've not received any official correspondence in regards to this security issue. The first I read of it was here. It seems their is a method that hackers can use to piggyback on legitimate browser traffic and send data to a malicious website. I'm not currently seeing any mention of this on the Zone Labs site. The Zone Labs user forum currently doesn't have an alert at the top in regards to this report either. The newest version of the ZoneAlarm firewall is not protected against this. This vulnerability is an issue even when Advance Program Control or OS ...
Operating System:Windows 98 (original)
Product Name:ZoneAlarm (Free)