CVE-2019-8459

Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the path. This can cause loading of a previously placed executable with a name similar to the parts of the path, instead of the intended one.
Configurations

Configuration 1

cpe:2.3:a:checkpoint:jumbo_hotfix_for_endpoint_security_server:*:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security_server_package:*:*:*:*:gaia:*:*:*
cpe:2.3:a:checkpoint:smartconsole_for_endpoint_security_server:e80.83:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:smartconsole_for_endpoint_security_server:*:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:endpoint_security_clients:*:*:*:*:*:windows:*:*
cpe:2.3:a:checkpoint:remote_access_clients:*:*:*:*:*:windows:*:*
cpe:2.3:a:checkpoint:capsule_docs_standalone_client:*:*:*:*:*:*:*:*

Information

Published : 2019-06-20 05:15

Updated : 2019-10-09 11:52


NVD link : CVE-2019-8459

Mitre link : CVE-2019-8459

Products Affected
No products.
CWE