Vulnerabilities > Checkpoint
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-01-28 | CVE-2008-5994 | Cross-Site Scripting vulnerability in Checkpoint Connectra NGX R62 Cross-site scripting (XSS) vulnerability in index.php in Check Point Connectra NGX R62 HFA_01 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. | 4.3 |
| 2009-01-06 | CVE-2008-5849 | Information Exposure vulnerability in Checkpoint Vpn-1 R55/R65 Check Point VPN-1 R55, R65, and other versions, when Port Address Translation (PAT) is used, allows remote attackers to discover intranet IP addresses via a packet with a small TTL, which triggers an ICMP_TIMXCEED_INTRANS (aka ICMP time exceeded in-transit) response containing an encapsulated IP packet with an intranet address, as demonstrated by a TCP packet to the firewall management server on port 18264. | 5.0 |
| 2008-03-20 | CVE-2008-1397 | Permissions, Privileges, and Access Controls vulnerability in Checkpoint products Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as one of this tunnel's endpoint RFC1918 IP addresses, and then using SecuRemote to connect to a network interface at the other endpoint. | 6.5 |
| 2008-03-08 | CVE-2008-1208 | Cross-Site Scripting vulnerability in Checkpoint Vpn-1 UTM Edge W Embedded NGX 7.0.48 Cross-site scripting (XSS) vulnerability in the login page in Check Point VPN-1 UTM Edge W Embedded NGX 7.0.48x allows remote attackers to inject arbitrary web script or HTML via the user parameter. | 4.3 |
| 2008-02-08 | CVE-2008-0662 | Incorrect Permission Assignment for Critical Resource vulnerability in Checkpoint Vpn-1 Secureclient Ngair56/Ngxr60 The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control permissions, which allows local users to gain privileges by reading and reusing the credentials. | 7.8 |
| 2007-08-21 | CVE-2007-4216 | Improper Input Validation vulnerability in Checkpoint Zonealarm 5.0.63.0/6.1.744.001/7.0.337.0 vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in a METHOD_NEITHER (1) IOCTL 0x8400000F or (2) IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations. | 7.2 |
| 2007-06-29 | CVE-2007-3489 | Cross-Site Request Forgery vulnerability in Checkpoint Vpn-1 UTM Edge 7.0.33 Cross-site request forgery (CSRF) vulnerability in pop/WizU.html in the management interface in Check Point VPN-1 Edge X Embedded NGX 7.0.33x on the Check Point VPN-1 UTM Edge allows remote attackers to perform privileged actions as administrators, as demonstrated by a request with the swuuser and swupass parameters, which adds an administrator account. | 9.3 |
| 2007-05-16 | CVE-2007-2730 | Local Security vulnerability in Comodo Firewall Pro Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier. | 7.2 |
| 2007-05-16 | CVE-2007-2689 | Remote Security vulnerability in Checkpoint web Intelligence Gold Check Point Web Intelligence does not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. | 7.8 |
| 2007-04-24 | CVE-2007-2174 | Local Privilege Escalation vulnerability in Checkpoint Zonealarm 5.0.63.0 The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses. | 7.2 |