CVSS: 9.1EPSS: 2%CPEs: 1EXPL: 1CVE-2007-0471
https://notcve.org/view.php?id=CVE-2007-0471
24 Jan 2007 — sre/params.php in the Integrity Clientless Security (ICS) component in Check Point Connectra NGX R62 3.x and earlier before Security Hotfix 5, and possibly VPN-1 NGX R62, allows remote attackers to bypass security requirements via a crafted Report parameter, which returns a valid ICSCookie authentication token. El archivo sre/params.php en el componente Integrity Clientless Security (ICS) en Check Point Connectra NGX R62 versión 3.x y anteriores a Security Hotfix versión 5, y posiblemente VPN-1 NGX R62, per... • http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051920.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 1CVE-2006-3885
https://notcve.org/view.php?id=CVE-2006-3885
27 Jul 2006 — Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264. Vulnerabilidad de salto de directorio en Check Point Firewall-1 R55W anterior a HFA03 permite a atacantes remotos leer archivos de su elección mediante un .. (punto punto) codificado en el URL en el puerto TCP 18264. • http://secunia.com/advisories/21200 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2006-0255
https://notcve.org/view.php?id=CVE-2006-0255
18 Jan 2006 — Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the Sr_GUI.exe program. • http://secdev.zoller.lu/research/checkpoint.txt •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2005-2932
https://notcve.org/view.php?id=CVE-2005-2932
31 Dec 2005 — Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=584 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 7%CPEs: 4EXPL: 1CVE-2005-4093 – Check Point VPN-1 SecureClient 4.0 < 4.1 - Policy Bypass
https://notcve.org/view.php?id=CVE-2005-4093
08 Dec 2005 — Check Point VPN-1 SecureClient NG with Application Intelligence R56, NG FP1, 4.0, and 4.1 allows remote attackers to bypass security policies by modifying the local copy of the local.scv policy file after it has been downloaded from the VPN Endpoint. • https://www.exploit-db.com/exploits/26754 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 9%CPEs: 8EXPL: 0CVE-2005-3673
https://notcve.org/view.php?id=CVE-2005-3673
18 Nov 2005 — The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. • http://jvn.jp/niscc/NISCC-273756/index.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2889
https://notcve.org/view.php?id=CVE-2005-2889
14 Sep 2005 — Check Point NGX R60 does not properly verify packets against the predefined service group "CIFS" rule, which allows remote attackers to bypass intended restrictions. • http://marc.info/?l=bugtraq&m=112611529724821&w=2 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2313
https://notcve.org/view.php?id=CVE-2005-2313
19 Jul 2005 — Check Point SecuRemote NG with Application Intelligence R54 allows attackers to obtain credentials and gain privileges via unknown attack vectors. Check Point SecuRemote NG with Application Intelligence R54 permite que atacantes obtengan credenciales y ganen privilegios mediante formas de ataque desconocidas. • http://www.securityfocus.com/bid/14221 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2005-0114
https://notcve.org/view.php?id=CVE-2005-0114
11 Feb 2005 — vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer. • http://download.zonelabs.com/bin/free/securityAlert/19.html •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2004-2679
https://notcve.org/view.php?id=CVE-2004-2679
31 Dec 2004 — Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information. • http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0477.html •