Lucene search

[email protected]CVE-2007-2689

HistoryMay 16, 2007 - 1:19 a.m.

CVE-2007-2689

2007-05-1601:19:00

[email protected]

web.nvd.nist.gov

check point

web intelligence

unicode

encodings

vulnerability

http traffic

remote attackers

cve-2007-2689

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.7 Medium

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

86.2%

JSON

Check Point Web Intelligence does not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.

Affected configurations

NVD

Node

checkpointweb_intelligenceMatchgold

CPENameOperatorVersion
checkpoint:web_intelligencecheckpoint web intelligenceeqgold

CPE	Name	Operator	Version
checkpoint:web_intelligence	checkpoint web intelligence	eq	gold

References

www.gamasec.net/english/gs07-01.html

www.kb.cert.org/vuls/id/739224

www.securityfocus.com/archive/1/468633/100/0/threaded

www.securitytracker.com/id?1018067

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.7 Medium

AI Score

Confidence

Low

0.013 Low

EPSS

Percentile

86.2%

JSON

Related for CVE-2007-2689

nvd1 prion1 cvelist1