Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Check Point Endpoint Security client for Windows by Check Point

    CVE-2019-8463 (GCVE-0-2019-8463)

    Vulnerability from nvd – Published: 2019-12-23 18:18 – Updated: 2024-08-04 21:17
    VLAI
    Summary
    A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations.
    Severity
    No CVSS data available.
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:17:31.349Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://supportcontent.checkpoint.com/solutions?id=sk163578"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Check Point Endpoint Security Client for Windows",
              "vendor": "Check Point",
              "versions": [
                {
                  "status": "affected",
                  "version": "before E82.10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-23T18:18:50.000Z",
            "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
            "shortName": "checkpoint"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://supportcontent.checkpoint.com/solutions?id=sk163578"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@checkpoint.com",
              "ID": "CVE-2019-8463",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Check Point Endpoint Security Client for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before E82.10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Check Point"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://supportcontent.checkpoint.com/solutions?id=sk163578",
                  "refsource": "CONFIRM",
                  "url": "https://supportcontent.checkpoint.com/solutions?id=sk163578"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
        "assignerShortName": "checkpoint",
        "cveId": "CVE-2019-8463",
        "datePublished": "2019-12-23T18:18:50.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:17:31.349Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8454 (GCVE-0-2019-8454)

    Vulnerability from nvd – Published: 2019-04-29 15:10 – Updated: 2024-08-04 21:17
    VLAI
    Summary
    A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:17:31.447Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk150012"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Check Point Endpoint Security client for Windows",
              "vendor": "Check Point",
              "versions": [
                {
                  "status": "affected",
                  "version": "before E80.96"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-65",
                  "description": "CWE-65,CWE-377",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-29T15:10:15.000Z",
            "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
            "shortName": "checkpoint"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk150012"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@checkpoint.com",
              "ID": "CVE-2019-8454",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Check Point Endpoint Security client for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before E80.96"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Check Point"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-65,CWE-377"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk150012",
                  "refsource": "MISC",
                  "url": "https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk150012"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
        "assignerShortName": "checkpoint",
        "cveId": "CVE-2019-8454",
        "datePublished": "2019-04-29T15:10:15.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:17:31.447Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8463 (GCVE-0-2019-8463)

    Vulnerability from cvelistv5 – Published: 2019-12-23 18:18 – Updated: 2024-08-04 21:17
    VLAI
    Summary
    A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations.
    Severity
    No CVSS data available.
    CWE
    • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:17:31.349Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://supportcontent.checkpoint.com/solutions?id=sk163578"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Check Point Endpoint Security Client for Windows",
              "vendor": "Check Point",
              "versions": [
                {
                  "status": "affected",
                  "version": "before E82.10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-59",
                  "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-12-23T18:18:50.000Z",
            "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
            "shortName": "checkpoint"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://supportcontent.checkpoint.com/solutions?id=sk163578"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@checkpoint.com",
              "ID": "CVE-2019-8463",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Check Point Endpoint Security Client for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before E82.10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Check Point"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://supportcontent.checkpoint.com/solutions?id=sk163578",
                  "refsource": "CONFIRM",
                  "url": "https://supportcontent.checkpoint.com/solutions?id=sk163578"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
        "assignerShortName": "checkpoint",
        "cveId": "CVE-2019-8463",
        "datePublished": "2019-12-23T18:18:50.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:17:31.349Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-8454 (GCVE-0-2019-8454)

    Vulnerability from cvelistv5 – Published: 2019-04-29 15:10 – Updated: 2024-08-04 21:17
    VLAI
    Summary
    A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T21:17:31.447Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk150012"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Check Point Endpoint Security client for Windows",
              "vendor": "Check Point",
              "versions": [
                {
                  "status": "affected",
                  "version": "before E80.96"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-65",
                  "description": "CWE-65,CWE-377",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-29T15:10:15.000Z",
            "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
            "shortName": "checkpoint"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk150012"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@checkpoint.com",
              "ID": "CVE-2019-8454",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Check Point Endpoint Security client for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before E80.96"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Check Point"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-65,CWE-377"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk150012",
                  "refsource": "MISC",
                  "url": "https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk150012"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
        "assignerShortName": "checkpoint",
        "cveId": "CVE-2019-8454",
        "datePublished": "2019-04-29T15:10:15.000Z",
        "dateReserved": "2019-02-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T21:17:31.447Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }