Checkpoint Firewall-1 3.0b

CPE Details

Checkpoint Firewall-1 3.0b
checkpoint
firewall-1
3.0b
2007-08-23
19h16 +00:00
2007-09-14
15h36 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:checkpoint:firewall-1:3.0b:*:*:*:*:*:*:*

Informations

Vendor

checkpoint

Product

firewall-1

Version

3.0b

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2004-0039 2004-02-11 04h00 +00:00 Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI.
10
CVE-2001-1171 2002-03-15 04h00 +00:00 Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy.
7.2
CVE-1999-1204 2002-03-09 04h00 +00:00 Check Point Firewall-1 does not properly handle certain restricted keywords (e.g., Mail, auth, time) in user-defined objects, which could produce a rule with a default "ANY" address and result in access to more systems than intended by the administrator.
7.5
CVE-2000-1201 2001-09-12 02h00 +00:00 Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264.
5
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC) sont maintenues par MITRE Corporation, et les informations sur les configurations logicielles et matérielles (CPE) proviennent du NVD.