Computer Security
[EN] securityvulns.ru no-pyccku


CheckPoint SSL VPN ActiveX code execution
Published:17.08.2011
Source:
SecurityVulns ID:11863
Type:client
Threat Level:
7/10
Description:Unsafe methods allow file upload and execute.
CVE:CVE-2011-1827 (Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a (1) ActiveX control or (2) Java applet.)
Original documentdocumentSEC Consult Vulnerability Lab, SEC Consult SA-20110810-0 :: Client-side remote file upload & command execution in Check Point SSL VPN On-Demand applications - CVE-2011-1827 (17.08.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod