Vulnerabilities > CVE-2006-2324 - Remote Security vulnerability in Zango
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
180solutions Zango downloads "required Adware components" without checking integrity or authenticity, which might allow context-dependent attackers to execute arbitrary code by subverting the DNS resolution of static.zangocash.com. The only known mitigation for this vulnerability is to block access to static.zangocash.com or zangocash.com althogether at the firewall.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |