7.2

CVE-2006-0255

Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the Sr_GUI.exe program.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CheckpointVpn-1 Editionfp1
CheckpointVpn-1 Version4.1
CheckpointVpn-1 Version4.1 Updatesp1
CheckpointVpn-1 Version4.1 Updatesp2
CheckpointVpn-1 Version4.1 Updatesp3
CheckpointVpn-1 Version4.1 Updatesp4
CheckpointVpn-1 Version4.1 Updatesp5
CheckpointVpn-1 Version4.1 Updatesp5a
CheckpointVpn-1 Version4.1 Updatesp6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.34% 0.26
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secdev.zoller.lu/research/checkpoint.txt
http://www.securityfocus.com/archive/1/422263/100/0/threaded
http://www.securityfocus.com/bid/16290
http://www.vupen.com/english/advisories/2006/0258