CVE-2006-0255

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Vpn-1
Vendor: CVE Published:; 18 January 2006

Summary

Unquoted Windows search path vulnerability in Check Point VPN-1 SecureClient might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run when SecureClient attempts to launch the Sr_GUI.exe program.

References

http://www.vupen.com/english/advisories/2006/0258

vdb-entryx_refsource_VUPEN

http://secdev.zoller.lu/research/checkpoint.txt

x_refsource_MISC

http://www.securityfocus.com/bid/16290

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jan 18, 2006
Vulnerability Reserved
Jan 18, 2006