4 matches found
CVE-2011-1827
CVE-2011-1827 : Multiple vulnerabilities in Check Point components (SSL Network Extender/SNX, SecureWorkSpace, Endpoint Security On-Demand) allow remote code execution via a signed ActiveX control or Java applet. Exploitation, as described by SEC Consult, involves loading a malicious page or docu...
CVE-2007-0471
Check Point Connectra NGX R62 3.x and earlier (before Security Hotfix 5) are affected by CVE-2007-0471 due to an issue in sre/params.php of the Integrity Clientless Security (ICS) component that lets an attacker craft a Report parameter to obtain a valid ICSCookie token and bypass security. The a...
CVE-2008-5994
CVE-2008-5994 is an XSS vulnerability in Check Point Connectra NGX R62 HFA_01 (index.php) exploitable via the dir parameter. The root cause is inadequate sanitization of dir, allowing remote script/HTML injection. Impact details cited show partial integrity impact with no confidentiality or avail...
CVE-2005-2889
CVE-2005-2889 concerns Check Point NGX R60 where the CIFS service group implementation may mishandle traffic not designated as CIFS. The CERT/Check Point entry notes that the CIFS service group could allow unintended traffic to pass or cause legitimate traffic to be dropped, depending on rule con...