Lucene search

PRIOn knowledge basePRION:CVE-2006-0255

HistoryJan 18, 2006 - 1:51 a.m.

Design/Logic Flaw

2006-01-1801:51:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious “program.exe” file in the C: folder, which is run when SecureClient attempts to launch the Sr_GUI.exe program.

CPENameOperatorVersion
vpn-1eq4.1 sp6
vpn-1eq4.1
vpn-1eq4.1 sp3
vpn-1eq4.1 sp4
vpn-1eq4.1 sp1
vpn-1eq4.1 sp5
vpn-1eq4.1 sp5a
vpn-1eq4.1 sp2

Name	Operator	Version
vpn-1	eq	4.1 sp6
vpn-1	eq	4.1
vpn-1	eq	4.1 sp3
vpn-1	eq	4.1 sp4
vpn-1	eq	4.1 sp1
vpn-1	eq	4.1 sp5
vpn-1	eq	4.1 sp5a
vpn-1	eq	4.1 sp2

References

secdev.zoller.lu/research/checkpoint.txt

www.securityfocus.com/archive/1/422263/100/0/threaded

www.securityfocus.com/bid/16290

www.vupen.com/english/advisories/2006/0258

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2006-0255

cve1