CVE-2006-3540 Information

Description

Check Point Zone Labs ZoneAlarm Internet Security Suite 6.5.722.000 6.1.737.000 and possibly other versions do not properly validate RegSaveKey RegRestoreKey and RegDeleteKey function calls which allows local users to cause a denial of service (system crash) via a certain combination of these function calls with an HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VETFDDNT\Enum argument.

Reference

http://www.matousec.com/info/advisories/ZoneAlarm-Insufficient-protection-of-registry-key-VETFDDNT-Enum.php http://www.securityfocus.com/archive/1/438970/100/0/threaded http://www.securityfocus.com/bid/18789 https://exchange.xforce.ibmcloud.com/vulnerabilities/27584