Lucene search

PRIOn knowledge basePRION:CVE-2012-2753

HistoryJun 19, 2012 - 8:55 p.m.

Design/Logic Flaw

2012-06-1920:55:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Untrusted search path vulnerability in TrGUI.exe in the Endpoint Connect (aka EPC) GUI in Check Point Endpoint Security R73.x and E80.x on the VPN blade platform, Endpoint Security VPN R75, Endpoint Connect R73.x, and Remote Access Clients E75.x allows local users to gain privileges via a Trojan horse DLL in the current working directory.

CPENameOperatorVersion
endpoint_connecteq73.0.114
endpoint_securityeqe80.10 vpn-blade
endpoint_securityeqe80 vpn-blade
endpoint_securityeq73.0.114
endpoint_securityeqe80.20 vpn-blade
endpoint_securityeqe80.30 vpn-blade
endpoint_security_vpneq75.0.114
remote_access_clientseq75.0.101
remote_access_clientseq75.20.101
remote_access_clientseq75.10.101

Name	Operator	Version
endpoint_connect	eq	73.0.114
endpoint_security	eq	e80.10 vpn-blade
endpoint_security	eq	e80 vpn-blade
endpoint_security	eq	73.0.114
endpoint_security	eq	e80.20 vpn-blade
endpoint_security	eq	e80.30 vpn-blade
endpoint_security_vpn	eq	75.0.114
remote_access_clients	eq	75.0.101
remote_access_clients	eq	75.20.101
remote_access_clients	eq	75.10.101

References

archives.neohapsis.com/archives/bugtraq/2012-06/0069.html

supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk76480

7 High

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2012-2753