Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2753

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2012-2753
Last Modified 26 Jun 2012 12:00:00
Published 19 Jun 2012 04:55:07
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2012-2753

Summary

Untrusted search path vulnerability in TrGUI.exe in the Endpoint Connect (aka EPC) GUI in Check Point Endpoint Security R73.x and E80.x on the VPN blade platform, Endpoint Security VPN R75, Endpoint Connect R73.x, and Remote Access Clients E75.x allows local users to gain privileges via a Trojan horse DLL in the current working directory.

Vulnerable Systems

Application

  • Checkpoint Endpoint Connect R73

  • Checkpoint Endpoint Security E80

  • Checkpoint Endpoint Security E80.10

  • Checkpoint Endpoint Security E80.20

  • Checkpoint Endpoint Security E80.30

  • Checkpoint Endpoint Security R73

  • Checkpoint Endpoint Security Vpn R75

  • Checkpoint Remote Access Clients E75

  • Checkpoint Remote Access Clients E75.10

  • Checkpoint Remote Access Clients E75.20


References

CONFIRM - https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk76480

BUGTRAQ - 20120613 Security Advisory - Checkpoint Endpoint Connect VPN - DLL Hijack


Last Updated: 27 May 2016 10:57:32