Vulnerabilities > Checkpoint
|2013-11-30||CVE-2013-5636|| Credentials Management vulnerability in Checkpoint Endpoint Security |
Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by overwriting DVREM.EPM with a copy of itself after each few password guesses.
| 3.3 |
|2013-11-30||CVE-2013-5635|| Credentials Management vulnerability in Checkpoint Endpoint Security |
Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously.
| 3.3 |
|2012-08-25||CVE-2010-5184|| Race Condition vulnerability in Checkpoint Zonealarm Extreme Security 9.1.507.000 |
** DISPUTED ** Race condition in ZoneAlarm Extreme Security 9.1.507.000 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack.
| 6.2 |
|2012-06-19||CVE-2012-2753|| Unspecified vulnerability in Checkpoint products |
Untrusted search path vulnerability in TrGUI.exe in the Endpoint Connect (aka EPC) GUI in Check Point Endpoint Security R73.x and E80.x on the VPN blade platform, Endpoint Security VPN R75, Endpoint Connect R73.x, and Remote Access Clients E75.x allows local users to gain privileges via a Trojan horse DLL in the current working directory.
| 6.9 |
|2011-10-05||CVE-2011-1827|| Remote Code Execution vulnerability in Multiple Check Point SSL VPN On-Demand Applications |
Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a (1) ActiveX control or (2) Java applet.
| 9.3 |
|2011-07-08||CVE-2011-2664|| Local Security vulnerability in Check Point Provider-1 |
Unspecified vulnerability in Check Point Multi-Domain Management / Provider-1 NGX R65, R70, R71, and R75, and SmartCenter during installation on non-Windows machines, allows local users on the MDS system to overwrite arbitrary files via unknown vectors.
| 3.6 |
|2009-08-21||CVE-2008-7025|| Remote Denial of Service vulnerability in Checkpoint Zonealarm 8.0.020.000 |
TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe running, allows remote HTTP proxies to cause a denial of service (crash) and disable the HIDS module via a crafted response.
| 4.3 |
|2009-08-19||CVE-2008-7009|| Buffer Errors vulnerability in Checkpoint Zonealarm 7.0.483.000/8.0.020.000 |
Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 allows local users to execute arbitrary code via a file or directory with a long path.
| 6.9 |
|2009-04-02||CVE-2009-1227|| Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Checkpoint Firewall-1 PKI web Service |
** DISPUTED ** NOTE: this issue has been disputed by the vendor.
| 10.0 |
|2009-01-28||CVE-2008-5994|| Cross-Site Scripting vulnerability in Checkpoint Connectra NGX R62 |
Cross-site scripting (XSS) vulnerability in index.php in Check Point Connectra NGX R62 HFA_01 allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
| 4.3 |