SSL Encryption Bypass Vulnerability in ZoneAlarm Pro 5.0.590.015

SSL Encryption Bypass Vulnerability in ZoneAlarm Pro 5.0.590.015

CVE-2004-0612 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

The Mobile Code filter in ZoneAlarm Pro 5.0.590.015 does not filter mobile code within an SSL encrypted session, which could allow remote attackers to bypass the mobile code filtering. NOTE: it has been disputed by the vendor that this behavior is required by the SSL specification.

Learn more about our Mobile App Penetration Testing.