CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2007-2174
https://notcve.org/view.php?id=CVE-2007-2174
The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses. el manejo de IOCTL en srescan.sys en el ZoneAlarm Spyware Removal Engine (SRE) de Check Point ZoneAlarm anterior a 5.0.156.0 permite a usuarios locales ejecutar código de su elección a través de determinadas direcciones de parámetros lrp IOCTL. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=517 http://secunia.com/advisories/24986 http://www.securityfocus.com/archive/1/466656/100/0/threaded http://www.securityfocus.com/bid/23579 http://www.securitytracker.com/id?1017948 http://www.securitytracker.com/id?1017953 http://www.vupen.com/english/advisories/2007/1491 https://exchange.xforce.ibmcloud.com/vulnerabilities/33786 •
CVSS: 7.5EPSS: 55%CPEs: 1EXPL: 1CVE-2007-0471
https://notcve.org/view.php?id=CVE-2007-0471
sre/params.php in the Integrity Clientless Security (ICS) component in Check Point Connectra NGX R62 3.x and earlier before Security Hotfix 5, and possibly VPN-1 NGX R62, allows remote attackers to bypass security requirements via a crafted Report parameter, which returns a valid ICSCookie authentication token. El archivo sre/params.php en el componente Integrity Clientless Security (ICS) en Check Point Connectra NGX R62 versión 3.x y anteriores a Security Hotfix versión 5, y posiblemente VPN-1 NGX R62, permite a los atacantes remotos omitir los requisitos de seguridad por medio de un parámetro Report creado, que devuelve un token de autenticación ICSCookie válido. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051920.html http://osvdb.org/31655 http://secunia.com/advisories/23847 http://secureknowledge.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?lid=sk32472 http://securityreason.com/securityalert/2179 http://securitytracker.com/id?1017559 http://securitytracker.com/id?1017560 http://updates.checkpoint.com/fileserver/ID/7126/FILE/VPN-1_Hotfix1.pdf http://www.checkpoint.com/downloads/latest/hfa/connectra/security_r62.html http://w • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1CVE-2006-3885
https://notcve.org/view.php?id=CVE-2006-3885
Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264. Vulnerabilidad de salto de directorio en Check Point Firewall-1 R55W anterior a HFA03 permite a atacantes remotos leer archivos de su elección mediante un .. (punto punto) codificado en el URL en el puerto TCP 18264. • http://secunia.com/advisories/21200 http://securityreason.com/securityalert/1290 http://securitytracker.com/id?1016563 http://www.sec-tec.co.uk/vulnerability/r55w_directory_traversal.html http://www.securityfocus.com/archive/1/440990/100/0/threaded http://www.securityfocus.com/archive/1/441495/100/0/threaded http://www.securityfocus.com/bid/19136 http://www.vupen.com/english/advisories/2006/2965 https://exchange.xforce.ibmcloud.com/vulnerabilities/27937 •
CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0CVE-2006-0255
https://notcve.org/view.php?id=CVE-2006-0255
Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the Sr_GUI.exe program. • http://secdev.zoller.lu/research/checkpoint.txt http://www.securityfocus.com/archive/1/422263/100/0/threaded http://www.securityfocus.com/bid/16290 http://www.vupen.com/english/advisories/2006/0258 •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2005-2932
https://notcve.org/view.php?id=CVE-2005-2932
Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584 http://secunia.com/advisories/26513 http://securitytracker.com/id?1018588 http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=53 http://www.securityfocus.com/bid/25365 http://www.securityfocus.com/bid/25377 http://www.vupen.com/english/advisories/2007/2929 https://exchange.xforce.ibmcloud.com/vulnerabilities/36110 • CWE-264: Permissions, Privileges, and Access Controls •