VAR-201206-0104
Vulnerability from variot - Updated: 2023-12-18 13:40Untrusted search path vulnerability in TrGUI.exe in the Endpoint Connect (aka EPC) GUI in Check Point Endpoint Security R73.x and E80.x on the VPN blade platform, Endpoint Security VPN R75, Endpoint Connect R73.x, and Remote Access Clients E75.x allows local users to gain privileges via a Trojan horse DLL in the current working directory. DLL It may be possible to get permission through the file. Check Point Endpoint Connect is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file. Check Point Endpoint Security is a set of endpoint security solutions from Check Point Company in the United States. This solution combines firewall, network access control, anti-virus, anti-spyware, data security and other functions to ensure that terminal PCs are free from Web-based threats. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Check Point Endpoint Connect Insecure Library Loading Vulnerability
SECUNIA ADVISORY ID: SA49432
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49432/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49432
RELEASE DATE: 2012-06-11
DISCUSS ADVISORY: http://secunia.com/advisories/49432/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/49432/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49432
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Check Point EndPoint Connect, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to the application loading certain libraries in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening unspecified file types located on a remote WebDAV or SMB share.
Successful exploitation allows execution of arbitrary code.
SOLUTION: Apply available hotfixes.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Moshe Zioni, Comsec Consulting.
ORIGINAL ADVISORY: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk76480&src=securityAlerts
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
A user with local disk access can carefuly construct a DLL that suits a pattern that is being traversed by the client and implement it somewhere along the search path and the client will load it seamlessly.
Impact
After the DLL has been implemented, an unsuspected user that will run the program will cause it to load, resulting in arbitrary code execution with user's privilege level.
Solution
Apply the appropriate Hotfix released by Checkpoint (one line URL): https://supportcenter.checkpoint.com/supportcenter/portal? eventSubmit_doGoviewsolutiondetails=&solutionid=sk76480
Credits
The issue was responsibly reported by Moshe Zioni from Comsec Global Consulting.
Timeline
11 June 2012 Checkpoint officialy announce a Hotfix for the issue 6 June 2012 Checkpoint reported on finishing a fix to the reported issue 16 May 2012 Further correspondance (Comsec-Checkpoint) took place, discussing a remidiation 15 May 2012 First response from Checkpoint Security Team 15 May 2012 Bug reported by Moshe Zioni from Comsec Global Consulting
References
Checkpoint http://www.checkpoint.com/ Comsec Global Consulting http://www.comsecglobal.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201206-0104",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "endpoint security",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "r73"
},
{
"model": "endpoint security",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "e80.30"
},
{
"model": "endpoint security",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "e80.10"
},
{
"model": "endpoint security vpn",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "r75"
},
{
"model": "remote access clients",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "e75.10"
},
{
"model": "remote access clients",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "e75"
},
{
"model": "endpoint security",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "e80"
},
{
"model": "endpoint security",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "e80.20"
},
{
"model": "remote access clients",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "e75.20"
},
{
"model": "endpoint connect",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "r73"
},
{
"model": "endpoint connect",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "r73.x"
},
{
"model": "endpoint security",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "r73.x and e80.x (vpn blade)"
},
{
"model": "endpoint security vpn",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "r75"
},
{
"model": "remote access clients",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "e75.x"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002785"
},
{
"db": "NVD",
"id": "CVE-2012-2753"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-146"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80:-:vpn_blade:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:checkpoint:remote_access_clients:e75.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.20:-:vpn_blade:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.30:-:vpn_blade:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security_vpn:r75:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_connect:r73:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:r73:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:checkpoint:endpoint_security:e80.10:-:vpn_blade:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:checkpoint:remote_access_clients:e75:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:checkpoint:remote_access_clients:e75.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2753"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moshe Zioni, Comsec Consulting",
"sources": [
{
"db": "BID",
"id": "53925"
}
],
"trust": 0.3
},
"cve": "CVE-2012-2753",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.9,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-2753",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "VHN-56034",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2753",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201206-146",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-56034",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56034"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002785"
},
{
"db": "NVD",
"id": "CVE-2012-2753"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-146"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Untrusted search path vulnerability in TrGUI.exe in the Endpoint Connect (aka EPC) GUI in Check Point Endpoint Security R73.x and E80.x on the VPN blade platform, Endpoint Security VPN R75, Endpoint Connect R73.x, and Remote Access Clients E75.x allows local users to gain privileges via a Trojan horse DLL in the current working directory. DLL It may be possible to get permission through the file. Check Point Endpoint Connect is prone to a vulnerability that lets attackers execute arbitrary code. \nAn attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file. Check Point Endpoint Security is a set of endpoint security solutions from Check Point Company in the United States. This solution combines firewall, network access control, anti-virus, anti-spyware, data security and other functions to ensure that terminal PCs are free from Web-based threats. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nCheck Point Endpoint Connect Insecure Library Loading Vulnerability\n\nSECUNIA ADVISORY ID:\nSA49432\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49432/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49432\n\nRELEASE DATE:\n2012-06-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49432/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49432/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49432\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Check Point EndPoint Connect,\nwhich can be exploited by malicious people to compromise a user\u0027s\nsystem. \n\nThe vulnerability is caused due to the application loading certain\nlibraries in an insecure manner. This can be exploited to load\narbitrary libraries by tricking a user into opening unspecified file\ntypes located on a remote WebDAV or SMB share. \n\nSuccessful exploitation allows execution of arbitrary code. \n\nSOLUTION:\nApply available hotfixes. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Moshe Zioni, Comsec Consulting. \n\nORIGINAL ADVISORY:\nhttps://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk76480\u0026src=securityAlerts\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nA user with local disk access can carefuly construct a DLL that suits a pattern\nthat is being traversed by the client and implement it somewhere along the\nsearch path and the client will load it seamlessly. \n\nImpact\n==========\nAfter the DLL has been implemented, an unsuspected user that will run the\nprogram will cause it to load, resulting in arbitrary code execution with\nuser\u0027s privilege level. \n\nSolution\n==========\nApply the appropriate Hotfix released by Checkpoint (one line URL):\nhttps://supportcenter.checkpoint.com/supportcenter/portal?\n\t\t\t\t\t\teventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk76480\n\nCredits\n==========\nThe issue was responsibly reported by Moshe Zioni from Comsec Global Consulting. \n\nTimeline\n===========\n11 June 2012\nCheckpoint officialy announce a Hotfix for the issue\n6 June 2012\nCheckpoint reported on finishing a fix to the reported issue\n16 May 2012\nFurther correspondance (Comsec-Checkpoint) took place, discussing a remidiation\n15 May 2012\nFirst response from Checkpoint Security Team\n15 May 2012\nBug reported by Moshe Zioni from Comsec Global Consulting\n\nReferences\n===========\nCheckpoint\nhttp://www.checkpoint.com/\nComsec Global Consulting\nhttp://www.comsecglobal.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2753"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002785"
},
{
"db": "BID",
"id": "53925"
},
{
"db": "VULHUB",
"id": "VHN-56034"
},
{
"db": "PACKETSTORM",
"id": "113537"
},
{
"db": "PACKETSTORM",
"id": "113630"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-56034",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56034"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2753",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002785",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201206-146",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "49432",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20120613 SECURITY ADVISORY - CHECKPOINT ENDPOINT CONNECT VPN - DLL HIJACK",
"trust": 0.6
},
{
"db": "BID",
"id": "53925",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "113630",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-56034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "113537",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56034"
},
{
"db": "BID",
"id": "53925"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002785"
},
{
"db": "PACKETSTORM",
"id": "113537"
},
{
"db": "PACKETSTORM",
"id": "113630"
},
{
"db": "NVD",
"id": "CVE-2012-2753"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-146"
}
]
},
"id": "VAR-201206-0104",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-56034"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:40:07.685000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Endpoint Connect (EPC) DLL hijacking vulnerability",
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk76480"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002785"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002785"
},
{
"db": "NVD",
"id": "CVE-2012-2753"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-06/0069.html"
},
{
"trust": 1.6,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk76480"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2753"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2753"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/49432"
},
{
"trust": 0.3,
"url": "http://blog.rapid7.com/?p=5325"
},
{
"trust": 0.3,
"url": "http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html"
},
{
"trust": 0.3,
"url": "http://blogs.technet.com/b/msrc/archive/2010/08/21/microsoft-security-advisory-2269637-released.aspx"
},
{
"trust": 0.3,
"url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/technet/security/advisory/2269637.mspx"
},
{
"trust": 0.1,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026amp;solutionid=sk76480"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk76480\u0026src=securityalerts"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49432"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49432/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/49432/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2753"
},
{
"trust": 0.1,
"url": "http://www.checkpoint.com/"
},
{
"trust": 0.1,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?"
},
{
"trust": 0.1,
"url": "http://www.comsecglobal.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56034"
},
{
"db": "BID",
"id": "53925"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002785"
},
{
"db": "PACKETSTORM",
"id": "113537"
},
{
"db": "PACKETSTORM",
"id": "113630"
},
{
"db": "NVD",
"id": "CVE-2012-2753"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-146"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-56034"
},
{
"db": "BID",
"id": "53925"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002785"
},
{
"db": "PACKETSTORM",
"id": "113537"
},
{
"db": "PACKETSTORM",
"id": "113630"
},
{
"db": "NVD",
"id": "CVE-2012-2753"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-146"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-19T00:00:00",
"db": "VULHUB",
"id": "VHN-56034"
},
{
"date": "2012-06-11T00:00:00",
"db": "BID",
"id": "53925"
},
{
"date": "2012-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002785"
},
{
"date": "2012-06-12T12:49:41",
"db": "PACKETSTORM",
"id": "113537"
},
{
"date": "2012-06-14T00:48:53",
"db": "PACKETSTORM",
"id": "113630"
},
{
"date": "2012-06-19T20:55:07.037000",
"db": "NVD",
"id": "CVE-2012-2753"
},
{
"date": "2012-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-146"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-26T00:00:00",
"db": "VULHUB",
"id": "VHN-56034"
},
{
"date": "2012-06-17T00:02:00",
"db": "BID",
"id": "53925"
},
{
"date": "2012-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002785"
},
{
"date": "2012-06-26T04:00:00",
"db": "NVD",
"id": "CVE-2012-2753"
},
{
"date": "2012-06-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-146"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "113630"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-146"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Check Point Vulnerabilities that can be authorized in multiple products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002785"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "53925"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…