Vulnerability Report

CVE-2004-0612

Title: ZoneAlarm Pro Mobile Code filter bypass (Disputed)

Security Bypass

Proof Of Concept

No public PoC currently indexed for CVE-2004-0612.

CWE Category NVD-CWE-noinfo

Published Date Dec 06, 2004

Modified Date Apr 03, 2025

Exploit Status Not Found

Score 5.1 CVSS v2.0

Exploit Probability (EPSS)

0.36%

Vulnerability Summary

CVE-2004-0612: The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote attackers to bypass the mobile code filtering. NOTE: it has been disputed by the vendor that this behavior is required by the SSL specification.

Impacted Vendors

zonelabs 1

checkpoint 1

Reference Links

http://archives.neohapsis.com/archives/bugtraq/2004-06/0420.html http://marc.info/?l=bugtraq&m=108786444608208&w=2 http://www.securityfocus.com/bid/10584 https://exchange.xforce.ibmcloud.com/vulnerabilities/16471 http://archives.neohapsis.com/archives/bugtraq/2004-06/0420.html http://marc.info/?l=bugtraq&m=108786444608208&w=2 http://www.securityfocus.com/bid/10584 https://exchange.xforce.ibmcloud.com/vulnerabilities/16471

CVSS v2.0

Source Entity [email protected]

Severity MEDIUM

5.1

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:H/Au:N/C:P/I:P/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2004-0612 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

December 06, 2004 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:H/Au:N/C:P/I:P/A:P

Affected Stack

No specific products linked.