CVE-2011-1827

Description

Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a (1) ActiveX control or (2) Java applet.

Affected products

• checkpoint / connectra_ngxr66.1 – r66.1
• checkpoint / connectra_ngxr66.1n – r66.1n
• checkpoint / vpn-1r65.70 – r65.70
• checkpoint / vpn-1r70.40 – r70.40
• checkpoint / vpn-1r71.30 – r71.30
• checkpoint / vpn-1r75 – r75
• checkpoint / vpn-1_firewall-1_vsxr65.20 – r65.20
• checkpoint / vpn-1_firewall-1_vsxr67 – r67

References

• MISChttp://www.securityfocus.com/bid/47695
• VENDOR_ADVISORYhttps://www.sec-consult.com/en/advisories.html#a68
• MISChttps://supportcenter.checkpoint.com/supportcenter/portal?solutionid=sk62410
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2011/1162