Heap-Based Buffer Overflow in Check Point VPN-1 Products
CVE-2004-0699
Currently unrated
Summary
The vulnerability in Check Point's VPN-1 product relates to a heap-based buffer overflow in its ASN.1 decoding library. This issue arises specifically when Aggressive Mode IKE is employed, allowing remote attackers to potentially execute arbitrary code. By initiating an IKE negotiation and transmitting a specially crafted IKE packet containing malformed ASN.1 data, an attacker can exploit this vulnerability, leading to unauthorized access and control over the affected system.
References
EPSS Score
17% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved