CVE-2005-3560:CVE-2005-3560 describes a remote bypass vulnerability in Zone Labs ZoneAlarm products (ZoneAlarm Pro 6.0, ZoneAlarm Internet Security Suite 6.0, ZoneAlarm Anti-Virus 6.0, ZoneAlarm Anti-Spyware 6.0 through 6.1, and ZoneAlarm 6.0) that allows bypassing the Advanced Program Control and OS Firewall filters via HTML Modal Dialogs containing JavaScript tags that use window.location.href.

splash
Back

Description Preview

This vulnerability permits a remote attacker to bypass ZoneAlarm’s Advanced Program Control and OS Firewall filters by exploiting HTML Modal Dialogs that embed JavaScript using window.location.href. The issue affects ZoneAlarm product families version 6.0 (including Pro, Internet Security Suite, Anti-Virus, and Anti-Spyware) and ZoneAlarm 6.0. An attacker could trigger the bypass by presenting URLs within HTML modal dialogs, thereby circumventing the product’s firewall filtering mechanisms.

Overview

Zone Alarm’s product line, including ZoneAlarm Pro 6.0, ZoneAlarm Internet Security Suite 6.0, ZoneAlarm Anti-Virus 6.0, ZoneAlarm Anti-Spyware 6.0–6.1, and ZoneAlarm 6.0, contains a vulnerability that enables remote attackers to bypass the Advanced Program Control and OS Firewall filters. The bypass relies on URLs embedded in HTML Modal Dialogs via JavaScript (window.location.href). This flaw could allow attackers to circumvent security policies that are intended to restrict or control program behavior and network access.

Remediation

  • Upgrade all affected ZoneAlarm products to a patched version or a newer release that includes fixes for this bypass vulnerability. Check Zone Labs/Check Point advisories for the exact patched builds.
  • If a patch is not yet available, implement compensating controls: review and tighten firewall rules at the OS or gateway level, disable or restrict the use of HTML modal dialogs in contexts where JavaScript could be used to bypass filters, and constrain JavaScript execution from untrusted sources where possible.
  • Apply any vendor-supplied security advisories or hotfixes, and monitor for new updates from the vendor. Validate that the vulnerability is mitigated in a test environment before broad deployment.
  • Conduct a configuration review of security policies related to program control and firewall rules to ensure they cannot be bypassed by web content or scripted dialogs, and consider upgrading to a more secure product line if feasible.

References

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Accommodation & Food Services: Low
    Accommodation & Food Services
  2. Administrative, Support, Waste Management & Remediation Services: Low
    Administrative, Support, Waste Management & Remediation Services
  3. Agriculture, Forestry Fishing & Hunting: Low
    Agriculture, Forestry Fishing & Hunting
  4. Arts, Entertainment & Recreation: Low
    Arts, Entertainment & Recreation
  5. Construction: Low
    Construction
  6. Educational Services: Low
    Educational Services
  7. Finance and Insurance: Low
    Finance and Insurance
  8. Health Care & Social Assistance: Low
    Health Care & Social Assistance
  9. Information: Low
    Information
  10. Management of Companies & Enterprises: Low
    Management of Companies & Enterprises
  11. Manufacturing: Low
    Manufacturing
  12. Mining: Low
    Mining
  13. Other Services (except Public Administration): Low
    Other Services (except Public Administration)
  14. Professional, Scientific, & Technical Services: Low
    Professional, Scientific, & Technical Services
  15. Public Administration: Low
    Public Administration
  16. Real Estate Rental & Leasing: Low
    Real Estate Rental & Leasing
  17. Retail Trade: Low
    Retail Trade
  18. Transportation & Warehousing: Low
    Transportation & Warehousing
  19. Utilities: Low
    Utilities
  20. Wholesale Trade: Low
    Wholesale Trade

Focus on What Matters

  1. See Everything.
  2. Identify True Risk.
  3. Proactively Mitigate Threats.

Let's talk!

background