Vulnerabilities > Checkpoint > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-04-01 | CVE-2013-7350 | Security vulnerability in Checkpoint Security Gateway R71.00/R71.45/R75.20 Multiple unspecified vulnerabilities in Check Point Security Gateway 80 R71.x before R71.45 (730159141) and R75.20.x before R75.20.4 and 600 and 1100 appliances R75.20.x before R75.20.42 have unknown impact and attack vectors related to "important security fixes." | 10.0 |
| 2011-10-05 | CVE-2011-1827 | Remote Code Execution vulnerability in Multiple Check Point SSL VPN On-Demand Applications Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a (1) ActiveX control or (2) Java applet. | 9.3 |
| 2007-06-29 | CVE-2007-3489 | Cross-Site Request Forgery vulnerability in Checkpoint Vpn-1 UTM Edge 7.0.33 Cross-site request forgery (CSRF) vulnerability in pop/WizU.html in the management interface in Check Point VPN-1 Edge X Embedded NGX 7.0.33x on the Check Point VPN-1 UTM Edge allows remote attackers to perform privileged actions as administrators, as demonstrated by a request with the swuuser and swupass parameters, which adds an administrator account. | 9.3 |
| 2004-07-07 | CVE-2004-0469 | Remote Buffer Overflow vulnerability in Check Point VPN-1 ISAKMP Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code during VPN tunnel negotiation. | 10.0 |
| 2004-03-03 | CVE-2004-0040 | Buffer Overflow vulnerability in Check Point VPN-1/SecuRemote ISAKMP Large Certificate Request Payload Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet. | 10.0 |
| 2004-03-03 | CVE-2004-0039 | Remote Format String vulnerability in Multiple Check Point Firewall-1 HTTP Security Server Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI. | 10.0 |