ZoneAlarm Pro 'Mobile Code' Bypass Vulnerability

Discussion in 'Windows Desktop Systems' started by tdinc, Jul 4, 2004.

  1. tdinc

    tdinc █▄█ ▀█▄ █ Political User

    Sterling Heights, MICHIGAN
    A vulnerability has been found in the 'Mobile Code' filter in ZoneAlarm Pro

    ZoneLabs (

    Affected Systems/Configuration:
    This test was done on a Windows XP Professional machine, running ZoneAlarm Pro 5.0.590.015. and 5.0.590.043 was released to the public on June 21, 2004 The Internet Explorer version is 6, with all patches.

    The new version of ZoneAlarm Pro features "Mobile Code" blocking, which blocks potentially dangerous web objects such as ActiveX, Java Applets, and certain MIME objects. The filter blocks out any "application/*" MIME type. The "Mobile Code" filter integrates with Internet Explorer.

    Unfortunately, the "Mobile Code" filter does not filter SSL content. A malicious person could lure a ZoneAlarm Pro user to a malicious SSL site with dangerous "Mobile Code" content; and ZoneAlarm Pro would not filter the "Mobile Code".

    None so far.
  2. gonaads

    gonaads Beware the G-Man Political User Folding Team

    Workaround... Don't click any frickin strange links! :p

    Good to know tdinc... good heads up. :)